Overview

overview

8

Static

static

7

ded9bf868b...b1.exe

windows7-x64

8

ded9bf868b...b1.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    ded9bf868b31a00bb658b44aa70e15b1

  • Size

    13KB

  • Sample

    240326-lmma6afc87

  • MD5

    ded9bf868b31a00bb658b44aa70e15b1

  • SHA1

    a60be4ad196224715219e8d7ff747102b441bed0

  • SHA256

    27328041bb85b2e5b2a48743d362663d4907e3a07e7b7a2f3cc72e8a8cfab462

  • SHA512

    3f2cfc914f5b7abe2529c35e071da3802d932cbd8289ac298162e8993bfae2dd5640a30ea48245335aba7c1358485aa80100c4bc974e28374f27300648af3cf1

  • SSDEEP

    384:Im/3/+W1Y3/P9ixhLcftAmhux4pxOjgAzCEY:Im3FYvPy+H

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      ded9bf868b31a00bb658b44aa70e15b1

    • Size

      13KB

    • MD5

      ded9bf868b31a00bb658b44aa70e15b1

    • SHA1

      a60be4ad196224715219e8d7ff747102b441bed0

    • SHA256

      27328041bb85b2e5b2a48743d362663d4907e3a07e7b7a2f3cc72e8a8cfab462

    • SHA512

      3f2cfc914f5b7abe2529c35e071da3802d932cbd8289ac298162e8993bfae2dd5640a30ea48245335aba7c1358485aa80100c4bc974e28374f27300648af3cf1

    • SSDEEP

      384:Im/3/+W1Y3/P9ixhLcftAmhux4pxOjgAzCEY:Im3FYvPy+H

    Score
    8/10
    persistenceupx

    • Modifies AppInit DLL entries

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks