General

  • Target

    demon-v1.exe

  • Size

    7.3MB

  • Sample

    240530-n6pazagd8y

  • MD5

    d0e02871ae6c2d5125274ea7ada3c35b

  • SHA1

    d53f2b674fcdc314c44a7abb1356d889006d514d

  • SHA256

    fe7e39121171a6ddd8cca7cec00aba261f64ee83232c9f9b01f8543f43dea304

  • SHA512

    ef380d0367c1508f685219095c6958c6e4ae644bb29ed830579f70434c5c3756fe1409ae940704453fe91861633bd87af62081ae586ca6b95023f8d92da85f5f

  • SSDEEP

    196608:prpKYS6/xOshoKMuIkhVastRL5Di3uh1D7JY:KYS8xOshouIkPftRL54YRJY

Targets

    • Target

      demon-v1.exe

    • Size

      7.3MB

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      ���d�Vn.pyc

    • Size

      1KB

    • MD5

      f92c873188cd7e62d023bce2a56c7884

    • SHA1

      2f56ff0702de239585984220c15609c181d8c191

    • SHA256

      a3e8a2fcaf70154e6ef71dc7788e890fd4cade54534d61f94bd5c2ae865addeb

    • SHA512

      44f7c624dcbc5b0329910f8a4281d42375993f8c9ec0217a37d5ce80b3be6c4b795a48fd3f00bc9801c7450ab0266a2489e134d6935fd2264f70d4bd5e7713b9

    Score
    1/10
