Overview

overview

8

Static

static

3

Chew7.exe

windows7-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Chew7.zip

  • Size

    4.5MB

  • Sample

    240308-298exahg68

  • MD5

    ca7733e0c19af7382bbc60b0b7802316

  • SHA1

    8bd2a2257a6bd92fa00fd06c11663d7c7df9afd2

  • SHA256

    077f6109a75b3a1599cdb43bc5b5ff519ff49cff1f9f0a1f6370ab1a8b2a44af

  • SHA512

    06ab0e0f424066d181567d5fc1040a58a30efa650ad0be3a887bee20afb3d0e3b9a97619219213b5440976d95e3ebdf4455dfdf203f2487430c7923bc0b37e31

  • SSDEEP

    98304:1AULRW2fOz2BrkvEhtZpMOVemUzxuYns0:mUs2fOSxkshSqxk9

Score
8/10
discoveryexploitpersistenceupx

Malware Config

Targets

    • Target

      Chew7.exe

    • Size

      4.6MB

    • MD5

      7b232997942b2a5c7e4dbe931bb4c67c

    • SHA1

      06c6d3b5b66585f03bab25c774baadb575cb1515

    • SHA256

      0a88faa27484c7c163bc90fbf806a9dab84226c2f60f3410695278ee76d065f5

    • SHA512

      1959f3334af0061fac523e31fb030d77c13696977cc151453ca0546cc624d234b2198d141e61d597e0d3c2ff3068ad8f3d732dd477a5b535ccd56dd953588412

    • SSDEEP

      98304:6BkL7VOQCsDdOmYglo4Y14pygKq7VOQCsDdOmYglo4Y14pygK:6OLPLDVYglq1pqPLDVYglq1p

    Score
    8/10
    discoveryexploitpersistenceupx

    • Possible privilege escalation attempt

      exploit

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks