Overview

overview

9

Static

static

3

6ffc304e9c...49.exe

windows7-x64

9

6ffc304e9c...49.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    6ffc304e9c9d7408f28ba63225e9d418f0d22e6382ba2a69957a7eb997962849

  • Size

    1.4MB

  • Sample

    240615-2q485s1hnj

  • MD5

    8272c8ad1aa44a341953b97b90954ac4

  • SHA1

    53efc3547276d0d844de84ec9a016dc7c28d2ca4

  • SHA256

    6ffc304e9c9d7408f28ba63225e9d418f0d22e6382ba2a69957a7eb997962849

  • SHA512

    61abbb33c37b0cd462524a638ee54113f91a44ab6f2cd4ecdabbd94806fd971f8b803f09f10e488ba8f62477579580d334e3aac85dea943f47f390cc52f08563

  • SSDEEP

    24576:NEOxgopTbo0wcaMBFmPZpXwnAgIwv36lM46zR8FGhQ58z9X/CPb2m7V6uf2IKrEw:NEO1o0wcoPLbXokKPTWhZC

Score
9/10
persistenceupx

Malware Config

Targets

    • Target

      6ffc304e9c9d7408f28ba63225e9d418f0d22e6382ba2a69957a7eb997962849

    • Size

      1.4MB

    • MD5

      8272c8ad1aa44a341953b97b90954ac4

    • SHA1

      53efc3547276d0d844de84ec9a016dc7c28d2ca4

    • SHA256

      6ffc304e9c9d7408f28ba63225e9d418f0d22e6382ba2a69957a7eb997962849

    • SHA512

      61abbb33c37b0cd462524a638ee54113f91a44ab6f2cd4ecdabbd94806fd971f8b803f09f10e488ba8f62477579580d334e3aac85dea943f47f390cc52f08563

    • SSDEEP

      24576:NEOxgopTbo0wcaMBFmPZpXwnAgIwv36lM46zR8FGhQ58z9X/CPb2m7V6uf2IKrEw:NEO1o0wcoPLbXokKPTWhZC

    Score
    9/10
    persistenceupx

    • UPX dump on OEP (original entry point)

    • Modifies AppInit DLL entries

      persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks