General

  • Target

    0215c749400b5b216d5b5a91786822584666154a826f731aeca76b3a5a6fffda

  • Size

    46KB

  • Sample

    240309-vwky5adg6x

  • MD5

    a5ede31bc465c9ee169fccc0e64d0ca5

  • SHA1

    a85e1cb842d325ae3ff3fab0ea32eafd847475ee

  • SHA256

    0215c749400b5b216d5b5a91786822584666154a826f731aeca76b3a5a6fffda

  • SHA512

    666a5a84be9b0a7aa06e42c53f55d756fead9ef55ce00a50fe518ac4a2528533d6afdfc0cc9c11f3f427818b400f8d2e0b46c8e425fa21e4db6706175ca6f38e

  • SSDEEP

    768:yEyjL+YrsRvBu2CDmd1EJrC9JXUqRwvVzWM44yB3EhrX+IMzL0HfYPL/J0B/:ML+Yrc9C6gJmEqRw9zfrypYXvAL0HwTo

Score
10/10

Malware Config

Targets

    • UAC bypass

    • Detects executables packed with VMProtect.

    • UPX dump on OEP (original entry point)

    • Deletes itself

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks