Overview

overview

8

Static

static

7

bf1a4049b0...5b.exe

windows7-x64

8

bf1a4049b0...5b.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    bf1a4049b073c64c94212e7f79b1845b

  • Size

    1.3MB

  • Sample

    240310-t8y6vagf7x

  • MD5

    bf1a4049b073c64c94212e7f79b1845b

  • SHA1

    36cf180765fa781bfcd80da297c4b6264aa833cf

  • SHA256

    4b2a39b4eaf73755a42e3defb373c37373bf52a2e56b0b7440fb1034dd80dbab

  • SHA512

    b34bed1f97dcb4d80c77c5f681a8be7ae86cc4ecb0c147484256d05cc50e896e15f7159756f819c5d765b3987ff8149c7c53811041d148d9a42a7781704315f3

  • SSDEEP

    24576:QTDarqWqRbstcHZm6iY30mrC0Spe0Pfa/1XALg82ry9webVnM:QTDYwwa5mYEmrnge0wA700p1M

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      bf1a4049b073c64c94212e7f79b1845b

    • Size

      1.3MB

    • MD5

      bf1a4049b073c64c94212e7f79b1845b

    • SHA1

      36cf180765fa781bfcd80da297c4b6264aa833cf

    • SHA256

      4b2a39b4eaf73755a42e3defb373c37373bf52a2e56b0b7440fb1034dd80dbab

    • SHA512

      b34bed1f97dcb4d80c77c5f681a8be7ae86cc4ecb0c147484256d05cc50e896e15f7159756f819c5d765b3987ff8149c7c53811041d148d9a42a7781704315f3

    • SSDEEP

      24576:QTDarqWqRbstcHZm6iY30mrC0Spe0Pfa/1XALg82ry9webVnM:QTDYwwa5mYEmrnge0wA700p1M

    Score
    8/10
    persistenceupx

    • Uses Session Manager for persistence

      Creates Session Manager registry key to run executable early in system boot.

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks