Overview

overview

10

Static

static

7

fafd4ca89a...b1.exe

windows7-x64

10

fafd4ca89a...b1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fafd4ca89ac890a0ea8084a44130e25ee709d76d703db994410266bac8727eb1

  • Size

    22KB

  • Sample

    240425-f6lk3sga84

  • MD5

    084e5c69d98aa348a42fc92d88c96bc0

  • SHA1

    39219cc6e3b61db06b7df8000f67aaa6e751058b

  • SHA256

    fafd4ca89ac890a0ea8084a44130e25ee709d76d703db994410266bac8727eb1

  • SHA512

    790d6cd3a118eed2b42bf6f72bd150c83ed26a6f1155a08bb9d34da08748b8fe878ba3c5cfb5f28078613e2fd478fd6fbf5dae71059b056428d9c604bf94a9ac

  • SSDEEP

    384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvXVB78q:rRkiLw3HsDSARGG/r8q

Score
10/10
evasionpersistencetrojanupx

Malware Config

Targets

    • Target

      fafd4ca89ac890a0ea8084a44130e25ee709d76d703db994410266bac8727eb1

    • Size

      22KB

    • MD5

      084e5c69d98aa348a42fc92d88c96bc0

    • SHA1

      39219cc6e3b61db06b7df8000f67aaa6e751058b

    • SHA256

      fafd4ca89ac890a0ea8084a44130e25ee709d76d703db994410266bac8727eb1

    • SHA512

      790d6cd3a118eed2b42bf6f72bd150c83ed26a6f1155a08bb9d34da08748b8fe878ba3c5cfb5f28078613e2fd478fd6fbf5dae71059b056428d9c604bf94a9ac

    • SSDEEP

      384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvXVB78q:rRkiLw3HsDSARGG/r8q

    Score
    10/10
    evasionpersistencetrojanupx

    • Windows security bypass

      evasiontrojan

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks