Overview

overview

8

Static

static

3

c245f17531...4a.exe

windows7-x64

8

c245f17531...4a.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    c245f1753137bae1f12598682a54704a

  • Size

    281KB

  • Sample

    240312-ddntmagb92

  • MD5

    c245f1753137bae1f12598682a54704a

  • SHA1

    eea0ee181fad24ec7c718b89f473e12f71c03322

  • SHA256

    acb81e02df5e329568b5a61bbe51050396c13e16f72c0a7b458dedc23541bc0f

  • SHA512

    7f789cebb038573b01070f079bcd5c967333189fbfb158cbdd72ecc0715be1a69dffcf399c86e42c0783b00282463868818674e557240b73fb81217418ed9f28

  • SSDEEP

    6144:b4P9MUAX/g4jQS8Rn3Ex0+Mmt0k5WfVyVHglOLBOoy:b2+gWQSgwbMN+cyVHmOV7y

Score
8/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      c245f1753137bae1f12598682a54704a

    • Size

      281KB

    • MD5

      c245f1753137bae1f12598682a54704a

    • SHA1

      eea0ee181fad24ec7c718b89f473e12f71c03322

    • SHA256

      acb81e02df5e329568b5a61bbe51050396c13e16f72c0a7b458dedc23541bc0f

    • SHA512

      7f789cebb038573b01070f079bcd5c967333189fbfb158cbdd72ecc0715be1a69dffcf399c86e42c0783b00282463868818674e557240b73fb81217418ed9f28

    • SSDEEP

      6144:b4P9MUAX/g4jQS8Rn3Ex0+Mmt0k5WfVyVHglOLBOoy:b2+gWQSgwbMN+cyVHmOV7y

    Score
    8/10
    evasionpersistenceupx

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks