Overview

overview

8

Static

static

7

d48afdcaf3...4a.exe

windows7-x64

8

d48afdcaf3...4a.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d48afdcaf3b8c3e646398721d0671f4a

  • Size

    15KB

  • Sample

    240318-z3b21sah5z

  • MD5

    d48afdcaf3b8c3e646398721d0671f4a

  • SHA1

    639f9bebceafb2b8bb2b4d368ae4db179e8ae850

  • SHA256

    d5db9e0826dcc737683d07cab277ea27d37ae04e4e2cd435e02f48c4b2e7491b

  • SHA512

    5b0437da6cfd900d984ae16d3b9fb218fa0f6eda80f693b5890ce10d227afab69550550fccd1a90fb4db04ec3baad5a7d2fe3ca3b903fcb4274e310db87ecba2

  • SSDEEP

    384:g6q3JNt9voKloc1vuqJWEmqzjcxhpOhQAJ+g:Rq3fvrloc1Gw8qzjAOhv

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      d48afdcaf3b8c3e646398721d0671f4a

    • Size

      15KB

    • MD5

      d48afdcaf3b8c3e646398721d0671f4a

    • SHA1

      639f9bebceafb2b8bb2b4d368ae4db179e8ae850

    • SHA256

      d5db9e0826dcc737683d07cab277ea27d37ae04e4e2cd435e02f48c4b2e7491b

    • SHA512

      5b0437da6cfd900d984ae16d3b9fb218fa0f6eda80f693b5890ce10d227afab69550550fccd1a90fb4db04ec3baad5a7d2fe3ca3b903fcb4274e310db87ecba2

    • SSDEEP

      384:g6q3JNt9voKloc1vuqJWEmqzjcxhpOhQAJ+g:Rq3fvrloc1Gw8qzjAOhv

    Score
    8/10
    persistenceupx

    • Modifies AppInit DLL entries

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks