General

  • Target

    Worm.zip

  • Size

    348KB

  • Sample

    240315-1yessacb3x

  • MD5

    c2b30a122e2447cc0b784d8062dc3a0f

  • SHA1

    933b6587ae37db5607a314977f00f79572997442

  • SHA256

    bfbb0c9687fa8e3d87a0d5cbf400d43f6072ba1081ae3e65834bb31e4e5d18e2

  • SHA512

    f1e9376eb146715fa010c61d5b4fdafe9481e2fed558cdd044d8fa87adc501892dd66771aa1b1c336cfb8cd727969251279fc31d32cb6190875fa0644b787096

  • SSDEEP

    6144:DgZoSi5ZU+RND/McLTZ+FWPLnLnGIKlQT3vfsDBIv2gUYoWewpOSdVyP26E/GOWO:Dg6Si5ZU+RNDUATAFkLLnLiQTHsDBI/x

Score
7/10

Targets

    • Target

      Email-Worm.AnnaKournikova.vbs

    • Size

      1KB

    • MD5

      a312dc3504108fcfd1b1ae5d32b3e1fe

    • SHA1

      59325ae751a969af706bb07ed676e56cd40b1431

    • SHA256

      2c7964292fa38b6ec52f6c2d8197ebc119392fbc2254243125d133a3ae8b9a84

    • SHA512

      8cca2fc6d3584029fee39b4a75567d6c33f5b5625a894bf065f6d9d253215594700665a149dba5db659354e396fae50cbae563e05b53d66ae63d1aec5ee259ed

    Score
    5/10
    • Drops file in System32 directory

    • Target

      Email-Worm.Magistr.exe

    • Size

      107KB

    • MD5

      9890349fe3c68f5923b29347bba021a4

    • SHA1

      fa080a50486b205b75833a6b5c9505abb1e3b4df

    • SHA256

      068f2ee28af7645dbf2a1684f0a5fc5ccb6aa1027f71da4468e0cba56c65e058

    • SHA512

      aedd86837987cbe8c0b1cf3b4ca0c3a875e4cc9bcc8097c160d0d6070427ad9e1d871d5339ea95cc03499c39a6536b5a6b6d43372a49eeaf2e87bf755a3d3367

    • SSDEEP

      3072:pRr1m0iQwTlFiIoXTLDCLLUsgULFsfMGdd64:Lk0LCwIi3DMUwFNGd04

    Score
    1/10

    • Target

      Email-Worm.MyDoom.A.exe

    • Size

      22KB

    • MD5

      53df39092394741514bc050f3d6a06a9

    • SHA1

      f91a4d7ac276b8e8b7ae41c22587c89a39ddcea5

    • SHA256

      fff0ccf5feaf5d46b295f770ad398b6d572909b00e2b8bcd1b1c286c70cd9151

    • SHA512

      9792017109cf6ffc783e67be2a4361aa2c0792a359718434fec53e83feed6a9a2f0f331e9951f798e7fb89421fdc1ac0e083527c3d3b6dd71b7fdd90836023a0

    • SSDEEP

      384:96ZQHXcE7hUHwT56cC9Kg65JdwGADkHw/Rjxtuu7VIGGwQWEqpD6:CavuHAUcW/ojwG6kHw/lxqbW

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

    • Target

      out.upx

    • Size

      32KB

    • MD5

      c1b1fccf6394c39515f0f86db27db706

    • SHA1

      019ebac73dae3cbf0958ba52dadc174a4b0b2242

    • SHA256

      647baea011bb1a19c85f0efeeeaffa02f85044656657eed850f0d68f18614469

    • SHA512

      8d128934408213714de2fe6da28558330e11226e1c8a95140a6ae005b64f58e73c4bb76ceff265b8d8a1eaa2042238282440169916708a6d1f826917eb548533

    • SSDEEP

      768:XJt9QXTt8QJZiQcpePcb9eRIdZATwYv1u:Zbq8Qcw5InATwYvY

    Score
    3/10

    • Target

      Email-Worm.MyDoom.L.exe

    • Size

      75KB

    • MD5

      6e3eb7a689f74c1be3cc36e17b5b40b7

    • SHA1

      368a7fa00deeaf424eb120e33584aa0e26c77467

    • SHA256

      2b7e797179a4c286386e147c85ad5dd117ec5279470588387cb68ee8252bfd87

    • SHA512

      1858bbb342aaca191ba2361339555f6bd5a7ae50da62afa0240f1c336c092eafae51d75521b0b0e09e13edeca4a87578058ed9afa7ea6356f25a62765c1a7c86

    • SSDEEP

      1536:n87wc1aGNC0klI7CPpIFa62p+g/1DrkoNrs/bZM1vxKf0:87wc1aOCo7CxIM+g/1Drko69Wx40

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Target

      Email-Worm.MyDoom.M.exe

    • Size

      40KB

    • MD5

      a787dc1219ef5f319246fd848afccc5f

    • SHA1

      0d199e91ae3c06403afd15bd6c051b0c65aae422

    • SHA256

      a1b092b57018640fea82c46da2d79f6c008ee74864da03839144b52d91e9f842

    • SHA512

      8659c8b75833020cb59c0876286a21e271aa9865eac7011b6dc1044a337d5d93ce9fdf4de69ecee4525d94f056b0e78521bbda9d11dfb05b22c88de056251430

    • SSDEEP

      768:aq9m/ZsybSg2ts4L3RLc/qjhsKmHbk1+qJ0UtHnhvr:aqk/Zdic/qjh8w19JDHnhz

    Score
    7/10
    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Target

      Email-Worm.MyDoom.NF.exe

    • Size

      44KB

    • MD5

      f0a4e1b9f16bedb637748b0ae2d38b0b

    • SHA1

      36a61581ee833366a2f75c900cba601a3b317105

    • SHA256

      0ead89a60b4d19bfca4a7d25391acf27e21a2e921eeb45327e1e23737f89a806

    • SHA512

      3754150ab510d9bf8b4f1cb98edd16616af5e0bcb777c821368573b53e2a76590568a0d9812ea4e4ccf0171e912ede3240d00b35c437b8f0696585276a3472d0

    • SSDEEP

      768:SCIqdH/k1ZVcT194jp4yEP5w+814Rz6C3+SOGw8crAmvGFpUqMt:SNqaLV8a6yEPe+8KX3JM

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Target

      Worm/Net-Worm/Net-Worm.Sasser.zip

    • Size

      14KB

    • MD5

      be6f0b806b1af58edb9dbf74be9db39a

    • SHA1

      eccb5abb0e89e4c388c6d10108893cd8f5c6b446

    • SHA256

      de74838f821b7bd3ca00eb57527e8e1b598224157e37b56dcdfcc3e96d17c58a

    • SHA512

      5980404ef1a59a93660d06d8904884715e41efcae405e7acb31ce785aa7fb5569a2686477a4dae307fa4960f7effc3f7f7579e88874ce2d124b7372d470684c2

    • SSDEEP

      384:UhedkOSftBn4rQeo7o48+nbgueAOItlyykUd:UheddIX4snFEueovd

    Score
    1/10
