Overview

overview

8

Static

static

7

b89fea1873...1a.exe

windows7-x64

8

b89fea1873...1a.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b89fea1873e1fc6bc11b89fda8a1971a

  • Size

    1.4MB

  • Sample

    240307-nj5dnsbb7s

  • MD5

    b89fea1873e1fc6bc11b89fda8a1971a

  • SHA1

    8813f7b73f2bbf370657dad6f060619dfe1d6f5d

  • SHA256

    d020c7b38ea630149ff0aece22bded120b6fd07d5782507cc68ea943c96699b5

  • SHA512

    e3b3ef8f4a787e602d0315f44e8c95537f42469e4bd596d2650e7c6f8cbba1e4172339fcae0dd6120aaaead4fca84b6f111c9f2f0aee46d76002ca58af97ccce

  • SSDEEP

    24576:vV7Xiu5YDTpF2paldsjTRG2dS4zb0fivWMj8kjdLCSMQ7d8mD3daENfZeFM:vtXiu5YHDAayVGmS0bSivDjZgSM6+mD0

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      b89fea1873e1fc6bc11b89fda8a1971a

    • Size

      1.4MB

    • MD5

      b89fea1873e1fc6bc11b89fda8a1971a

    • SHA1

      8813f7b73f2bbf370657dad6f060619dfe1d6f5d

    • SHA256

      d020c7b38ea630149ff0aece22bded120b6fd07d5782507cc68ea943c96699b5

    • SHA512

      e3b3ef8f4a787e602d0315f44e8c95537f42469e4bd596d2650e7c6f8cbba1e4172339fcae0dd6120aaaead4fca84b6f111c9f2f0aee46d76002ca58af97ccce

    • SSDEEP

      24576:vV7Xiu5YDTpF2paldsjTRG2dS4zb0fivWMj8kjdLCSMQ7d8mD3daENfZeFM:vtXiu5YHDAayVGmS0bSivDjZgSM6+mD0

    Score
    8/10
    persistenceupx

    • Uses Session Manager for persistence

      Creates Session Manager registry key to run executable early in system boot.

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks