General

  • Target: view
  • Size: 83KB
  • Sample: 240421-ynph5aba6s
  • MD5: 8fdb6070a2f06c303ab03b73cfac1eac
  • SHA1: 4a008e89dca13af46efa1b2848270231ca79dc6d
  • SHA256: e507fc9d1015314a29e75d14b8aade654f094140cff4293710ed455309e368b5
  • SHA512: dd3259e07a235325fa9188ab12e5b0b564cf25edb88ba4dab3b17b6c892e958334c589e5dbc365866dabb14b49340b0257e02739c0fc86c5d529d5cba504b8e0
  • SSDEEP: 1536:v8yDayVsmSgeNFXTEc4bHwCl+VrWJ+1Zt:JD6DXwr+X

Score
7/10

Malware Config

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks