Overview

overview

10

Static

static

3

bf8d017bfc...9b.exe

windows7-x64

10

bf8d017bfc...9b.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    bf8d017bfc772bd5b2a37b48a313ec9b

  • Size

    362KB

  • Sample

    240311-cg8grshf58

  • MD5

    bf8d017bfc772bd5b2a37b48a313ec9b

  • SHA1

    5720e493c201b32dcf49a02437bde10ce40ed426

  • SHA256

    a68a1aaea65d3569752892a79f760c1cd8e707631ec5284758f75d524c4207f5

  • SHA512

    1624b2bacf41d65037af597e6017d9b24db89c866f73159789d47322503d1fc399b57af59e03f9b6b454a2398b286c7aec096e38feaa9c6e25e92de1faf1e544

  • SSDEEP

    6144:FeM+2bf0uz7tn4tiT/gk+/WLfmByIJvpwduxCazhXjNeNsN5:FeM+lO7qQz+OacIRpwqCayg5

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      bf8d017bfc772bd5b2a37b48a313ec9b

    • Size

      362KB

    • MD5

      bf8d017bfc772bd5b2a37b48a313ec9b

    • SHA1

      5720e493c201b32dcf49a02437bde10ce40ed426

    • SHA256

      a68a1aaea65d3569752892a79f760c1cd8e707631ec5284758f75d524c4207f5

    • SHA512

      1624b2bacf41d65037af597e6017d9b24db89c866f73159789d47322503d1fc399b57af59e03f9b6b454a2398b286c7aec096e38feaa9c6e25e92de1faf1e544

    • SSDEEP

      6144:FeM+2bf0uz7tn4tiT/gk+/WLfmByIJvpwduxCazhXjNeNsN5:FeM+lO7qQz+OacIRpwqCayg5

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks