General

  • Target: 14569ab042b336a29fbac0ee7222a9ba1b4ebe742879d9a342dd196fd85170b3
  • Size: 125KB
  • Sample: 240430-xzrxyseb7z
  • MD5: 1aec0af3c8aa8999cbf8c97466dfaafd
  • SHA1: 605fff9343cbbf187c60a1460f09c004bba3fbd1
  • SHA256: 14569ab042b336a29fbac0ee7222a9ba1b4ebe742879d9a342dd196fd85170b3
  • SHA512: 210dac696a85ff18b9baf1d6b8aaded8c90b45f06cf8cea927dad7ae2cb85dfcb115c9bb4a9809d94f269aec4372b6ef1ab662a349aad457f114a0d84d439f93
  • SSDEEP: 3072:ZEboFVlGAvwsgbpvYfMTc72L10fPsout:OBzsgbpvnTcyOPsoS

Score: 10/10
upx

Malware Config

Targets

    Score: 9/10

    • UPX dump on OEP (original entry point)
    • Deletes itself
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file
      Detects executables packed with UPX/modified UPX open source packer.
    • Drops file in System32 directory
    • Suspicious use of SetThreadContext
