Resubmissions

19/03/2024, 19:34  240319-x98nfsdc22  (score 8)
19/03/2024, 19:34  240319-x933zaea7t  (score 8)
19/03/2024, 19:25  240319-x4z45adg5s  (score 8)
19/03/2024, 19:22  240319-x3b1xach26  (score 7)

General

  • Target: New folder.zip
  • Size: 229KB
  • Sample: 240319-x98nfsdc22
  • MD5: ece114cd8a9dc2d6e281f6e86706c9a3
  • SHA1: 50bac1673ff4b2431ec43ce762f049bba1be76cd
  • SHA256: 74d5ba19a38a3761da93d274ba30fdccfd4d08fba50be01d088fc0ce36e31969
  • SHA512: 91f41b489221e3d7eb7e768521463636c87ba8758a3314ce96a674707ee210615f0b1932afc35909fe67d523b0c92f14f7cdf47f32668714bfc940552ab56a57
  • SSDEEP: 6144:p8/xALE4bNQePOfmtI7O4Gxjh6UIjnosKRuG4kPI:kR1eGfmtxFjh6UOosKRfS

Targets

    • Target: New folder/Email-Worm.Win32.Magold.exe
    • Size: 235KB
    • MD5: d40a18b03a699f63ee469a7b39ae86a7
    • SHA1: 45eb3a218beded8bc4faa70d6ef5519bbddcb749
    • SHA256: 8dd1796ca7db68bc3e7daa76b17b71e162f287949185695cbbf33833ad1cc67c
    • SHA512: d4a3f67cee28cd146d9c642ae64f2f39be0d2e2c386f5a0c21eadd89a010a8b3997406f662ed598d2fbea600f1044235e1e485c165da2a6e06e86e2f3b75ec1a
    • SSDEEP: 3072:tGY6jEqdhFidUwFoRXbMRT4NIcmvyk2GqrUVksD3XRmY1n188bcXzwQsEv6/v49S:tGNrXcdUwQMRkNIc1rUeORmN8FpgL

    • Disables Task Manager via registry modification
    • Executes dropped EXE
    • Modifies system executable filetype association
    • UPX packed file: detects executables packed with UPX or a modified build of the open-source UPX packer.
    • Adds Run key to start application
    • Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
    • Drops file in System32 directory
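The signature names above summarise what the sandbox saw in the registry and on disk. When the same events arrive as a raw feed (a sandbox's JSON export, or Sysmon/ETW telemetry from a detonation host), the five registry and file-system behaviours can be flagged with a few rules. The block below is an added example written for this page; it is not the sandbox vendor's signature code and nothing in it comes from the report. The event schema, the file name `dropped.exe` and the sample events are constructed for illustration, and the ATT&CK technique IDs in the comments are my own mapping, not the report's.

```python
import re
from dataclasses import dataclass


@dataclass
class Event:
    """One sandbox event (constructed schema, not any vendor's format)."""
    kind: str          # "reg_set", "file_write" or "dir_query"
    path: str          # registry key or file-system path
    value: str = ""    # registry value name; "" or "(Default)" for the default value
    data: str = ""     # registry data written


# Map long hive names to short ones and lower-case the key so every rule matches one spelling.
_HIVES = {"HKEY_CURRENT_USER": "HKCU", "HKEY_LOCAL_MACHINE": "HKLM",
          "HKEY_CLASSES_ROOT": "HKCR", "HKEY_USERS": "HKU"}


def norm_key(path: str) -> str:
    head, _, rest = path.replace("/", "\\").partition("\\")
    head = _HIVES.get(head.upper(), head.upper())
    return f"{head}\\{rest}".rstrip("\\").lower()


# T1562.001: DisableTaskMgr=1 under the Explorer policy key blocks Task Manager.
POLICY_SYSTEM = re.compile(r"\\software\\microsoft\\windows\\currentversion\\policies\\system$")
# T1546.001: the default command for .exe launches; anything but '"%1" %*' hijacks every EXE start.
EXEFILE_CMD = re.compile(r"^(hkcr|hklm\\software\\classes|hkcu\\software\\classes)"
                         r"\\exefile\\shell\\open\\command$")
DEFAULT_EXE_CMD = '"%1" %*'
# T1547.001: Run / RunOnce autostart keys (32-bit view included).
RUN_KEY = re.compile(r"\\software\\(wow6432node\\)?microsoft\\windows\\currentversion\\run(once)?$")
EXEC_EXT = (".exe", ".dll", ".scr", ".com", ".pif")


def triage(events):
    """Return {signature name: [evidence strings]} for the behaviours found in events."""
    hits = {}

    def add(name, why):
        hits.setdefault(name, []).append(why)

    other_roots = set()
    for ev in events:
        if ev.kind == "reg_set":
            key = norm_key(ev.path)
            if (POLICY_SYSTEM.search(key) and ev.value.lower() == "disabletaskmgr"
                    and ev.data.strip() in ("1", "0x1")):
                add("Disables Task Manager via registry modification", f"{ev.path}\\{ev.value} = {ev.data}")
            elif (EXEFILE_CMD.match(key) and ev.value.lower() in ("", "(default)")
                    and ev.data.strip() != DEFAULT_EXE_CMD):
                add("Modifies system executable filetype association", f"{ev.path} -> {ev.data}")
            elif RUN_KEY.search(key):
                add("Adds Run key to start application", f"{ev.path}\\{ev.value} = {ev.data}")
        elif ev.kind == "file_write":
            p = ev.path.lower()
            if p.startswith("c:\\windows\\system32\\") and p.endswith(EXEC_EXT):
                add("Drops file in System32 directory", ev.path)
        elif ev.kind == "dir_query":
            # Root reads on any fixed drive other than C: count as drive enumeration.
            root = ev.path.rstrip("\\").upper()
            if re.fullmatch(r"[A-Z]:", root) and root != "C:":
                other_roots.add(root)
    if other_roots:
        add("Enumerates connected drives", "root reads on " + ", ".join(sorted(other_roots)))
    return hits


# Constructed sample feed: the five behaviours plus two benign events that must not fire.
SAMPLE_EVENTS = [
    Event("reg_set", r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System",
          "DisableTaskMgr", "1"),
    Event("reg_set", r"HKEY_CLASSES_ROOT\exefile\shell\open\command", "",
          r'C:\Windows\System32\dropped.exe "%1" %*'),
    Event("reg_set", r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run",
          "dropped", r"C:\Windows\System32\dropped.exe"),
    Event("file_write", r"C:\Windows\System32\dropped.exe"),
    Event("file_write", r"C:\Users\user\AppData\Local\Temp\note.txt"),       # benign
    Event("dir_query", "C:\\"),
    Event("dir_query", "D:\\"),
    Event("dir_query", "E:\\"),
    Event("reg_set", r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced",
          "Hidden", "2"),                                                   # benign
]

if __name__ == "__main__":
    for name, evidence in triage(SAMPLE_EVENTS).items():
        print(name)
        for line in evidence:
            print("   ", line)
```

On a real feed the Run-key rule is the noisy one: every installer writes autostart entries, so in practice join it with the writing process and only escalate when that process is the dropped executable. The exefile rule is the one worth alerting on alone, since a non-default `exefile\shell\open\command` is almost never legitimate and, as the report's "Executes dropped EXE" signature suggests, is how the dropped file gets relaunched on every program start.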
