Resubmissions

  • 17/04/2024, 14:25: 240417-rq95aabg57 (score 7)
  • 17/04/2024, 14:24: 240417-rq63madc5t (score 7)
  • 17/04/2024, 14:24: 240417-rq3p7sbg46 (score 7)
  • 17/04/2024, 14:24: 240417-rq24nsdc4w (score 7)
  • 17/04/2024, 14:24: 240417-rq2g5sbg44 (score 7)
  • 15/04/2024, 13:54: 240415-q7j4raab8z (score 7)
  • 15/04/2024, 13:53: 240415-q7bglsfh88 (score 7)
  • 15/04/2024, 13:53: 240415-q682gsab8s (score 7)
  • 15/04/2024, 13:53: 240415-q61p4sfh83 (score 7)
  • 15/04/2024, 13:53: 240415-q6z4ksab7w (score 7)

General

  • Target: 08089429ee4231d39dd0f2c970dca60e09a72e6c003f480f2dad76b032fdc1cf
  • Size: 1.9MB
  • Sample: 240415-q61p4sfh83
  • MD5: 0b559ca054356534e07322d4cd00a351
  • SHA1: e5be9a86c3da0a25a15bad5b06390cae4f71610a
  • SHA256: 08089429ee4231d39dd0f2c970dca60e09a72e6c003f480f2dad76b032fdc1cf
  • SHA512: 82438431578bd37381632f2e330c600d17344a16dcf63b0df49887c964ec7565ee840fc2f98405982eefb21f6abaa111562b8950033fad389345b5069bd5e047
  • SSDEEP: 49152:POwglWgEBHGKCSbMCAvxDM82UCYaLb+NLytJD8W4EfzaFb:POTlWHtAvO82U0LKNeEuz

Score
7/10

Malware Config

Targets

    Score
    7/10

    • UPX packed file: detects executables packed with UPX/modified UPX open source packer.
    • Unexpected DNS network traffic destination: network traffic to other servers than the configured DNS servers was detected on the DNS port.
    • Adds Run key to start application
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks