Overview

overview

10

Static

static

7

b87612276d...67.exe

windows7-x64

10

b87612276d...67.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b87612276dc2138689b9a206136a6467

  • Size

    238KB

  • Sample

    240307-l26ckshg91

  • MD5

    b87612276dc2138689b9a206136a6467

  • SHA1

    b34ad762a48a782b8247568b587c994ad52fc8cf

  • SHA256

    10817d8b50847998398ccc6fec54bf0ae5d19bd44223ca8fcce9d3eb51ab115c

  • SHA512

    4390925f8e2c0dd4def428cabdc7d2ce7b889c92ad40960104dd2e1006078874ee74dd15e0c327597424edc5b664d08ee12f1a683860c00ca918d82a40e8a1ec

  • SSDEEP

    6144:itUuNVrbzeXDvPTcQsn+AGMViH5urJglfWAem:buNV7mv4nGMViwrJg4A3

Score
10/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      b87612276dc2138689b9a206136a6467

    • Size

      238KB

    • MD5

      b87612276dc2138689b9a206136a6467

    • SHA1

      b34ad762a48a782b8247568b587c994ad52fc8cf

    • SHA256

      10817d8b50847998398ccc6fec54bf0ae5d19bd44223ca8fcce9d3eb51ab115c

    • SHA512

      4390925f8e2c0dd4def428cabdc7d2ce7b889c92ad40960104dd2e1006078874ee74dd15e0c327597424edc5b664d08ee12f1a683860c00ca918d82a40e8a1ec

    • SSDEEP

      6144:itUuNVrbzeXDvPTcQsn+AGMViH5urJglfWAem:buNV7mv4nGMViwrJg4A3

    Score
    10/10
    evasionpersistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks