General

  • Target

    loader.exe

  • Size

    7.3MB

  • Sample

    240616-vgkptathmr

  • MD5

    def885f4fe6548692c15bd4578e758f6

  • SHA1

    9786e0c5c8904ab7ecf4e575dcb8c0c0b2578974

  • SHA256

    e2757f00b266b311c8fa4b3628e1a25c09a0b71e69a5913e6fc646e441ec1849

  • SHA512

    3b116a49ad37417bab542a6877fc53a987dc06e03c09166960def7d75a4983313ae42d0d0d22fcc6841534da10dc1863623853d03cafdc4b5e5e7a5b5ce67343

  • SSDEEP

    196608:NKYS6MDOshoKMuIkhVastRL5Di3uh1D7JM:cYSfOshouIkPftRL54YRJM

Malware Config

Targets

    • Target

      loader.exe

    • Size

      7.3MB

    • MD5

      def885f4fe6548692c15bd4578e758f6

    • SHA1

      9786e0c5c8904ab7ecf4e575dcb8c0c0b2578974

    • SHA256

      e2757f00b266b311c8fa4b3628e1a25c09a0b71e69a5913e6fc646e441ec1849

    • SHA512

      3b116a49ad37417bab542a6877fc53a987dc06e03c09166960def7d75a4983313ae42d0d0d22fcc6841534da10dc1863623853d03cafdc4b5e5e7a5b5ce67343

    • SSDEEP

      196608:NKYS6MDOshoKMuIkhVastRL5Di3uh1D7JM:cYSfOshouIkPftRL54YRJM

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes (ATT&CK T1059.001; the exclusion change itself is Impair Defenses: Disable or Modify Tools, T1562.001). Excluded paths, extensions, and processes are no longer scanned, so anything the loader stages there runs unexamined. On a suspect host, compare Get-MpPreference output (ExclusionPath, ExclusionExtension, ExclusionProcess) against the expected baseline.

    • Loads dropped DLL

      The sample loads a DLL that it wrote to disk during the run.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer (ATT&CK T1027.002, Software Packing). A modified build usually means the section names or the UPX! header were altered, so a stock upx -d will not unpack it and the payload has to be dumped from memory after the stub has run.
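
The PowerShell signature above is most useful as a detection rule. The following is an added example, not code from the sandbox or from the sample: it classifies process-creation command lines (the CommandLine field of a Sysmon Event ID 1 or Windows 4688 record) that add Defender exclusions through Add-MpPreference or Set-MpPreference, decodes -EncodedCommand blobs first, and expands abbreviated parameter names, since PowerShell accepts any unambiguous prefix. The four SAMPLE_LINES are constructed for the demonstration.

```python
"""Spot PowerShell command lines that add Windows Defender exclusions.

Added illustration for the 'Command and Scripting Interpreter: PowerShell'
signature in this report; not code from the sandbox or from the sample.
SAMPLE_LINES are constructed here in the shape of a process-creation log's
CommandLine field.
"""
import base64
import re

# Cmdlets that change Defender preferences.
CMDLET_RE = re.compile(r"\b(Add|Set)-MpPreference\b", re.IGNORECASE)
# Any parameter beginning with -Excl and its argument(s). PowerShell accepts
# unambiguous prefixes, so -ExclusionPa works as well as -ExclusionPath.
PARAM_RE = re.compile(r"-(Excl\w*)\s+(.*?)(?=\s+-\w|\s*$)", re.IGNORECASE)
# -e / -ec / -enc / -EncodedCommand followed by a base64 blob (UTF-16LE script).
ENCODED_RE = re.compile(r"-e(?:c|nc\w*)?\s+([A-Za-z0-9+/=]{8,})", re.IGNORECASE)
FULL_PARAMS = ("ExclusionPath", "ExclusionExtension",
               "ExclusionProcess", "ExclusionIpAddress")


def decode_encoded_command(cmdline):
    """Return the script hidden behind -EncodedCommand, or None if absent."""
    m = ENCODED_RE.search(cmdline)
    if not m:
        return None
    blob = m.group(1)
    blob += "=" * (-len(blob) % 4)  # tolerate stripped padding
    try:
        return base64.b64decode(blob).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def canonical_param(name):
    """Expand a parameter prefix to its full name when it is unambiguous."""
    hits = [p for p in FULL_PARAMS if p.lower().startswith(name.lower())]
    return hits[0] if len(hits) == 1 else name


def split_values(raw):
    """Turn "'exe','dll'" or "C:\\a, C:\\b" into a list of bare values."""
    return [v.strip().strip("'\"") for v in raw.split(",") if v.strip()]


def analyze(cmdline):
    """Describe any Defender exclusion change made by one command line."""
    decoded = decode_encoded_command(cmdline)
    script = decoded if decoded is not None else cmdline
    cmdlet = CMDLET_RE.search(script)
    exclusions = {}
    if cmdlet:
        for name, raw in PARAM_RE.findall(script):
            exclusions.setdefault(canonical_param(name), []).extend(split_values(raw))
    return {
        "adds_exclusions": bool(cmdlet and exclusions),
        "cmdlet": cmdlet.group(0) if cmdlet else None,
        "encoded": decoded is not None,
        "exclusions": exclusions,
    }


# Constructed sample lines (not taken from the report). The second one wraps
# its script the way real encoded invocations do: UTF-16LE, then base64.
_HIDDEN = "Set-MpPreference -ExclusionPa 'C:\\ProgramData\\svc'"
SAMPLE_LINES = [
    "powershell.exe -NoProfile -ExecutionPolicy Bypass -Command "
    "\"Add-MpPreference -ExclusionPath 'C:\\Users\\Public' "
    "-ExclusionExtension 'exe','dll' -ExclusionProcess 'loader.exe'\"",
    "powershell.exe -w hidden -enc "
    + base64.b64encode(_HIDDEN.encode("utf-16-le")).decode(),
    "powershell.exe -Command \"Get-MpPreference | Select-Object ExclusionPath\"",
    "powershell.exe -Command \"Set-MpPreference -DisableRealtimeMonitoring $true\"",
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print(analyze(line))
```

The fourth sample line is deliberately not flagged: it tampers with Defender (real-time monitoring off) but adds no exclusion, which is the only behaviour this signature describes. A production rule would also match the -Disable* switches of Set-MpPreference, and should look at PowerShell script-block logging (Event ID 4104) as well as command lines, since a script read from a file never shows its cmdlets on the command line.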

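The UPX signature above is a static check, and the "modified UPX" half of it is the part that matters in practice, because a stock upx -d will reject such a file. The following is an added example, not code from the sandbox or from the sample: it parses a PE's section table with the standard library only and reports the indicators a packer check looks for. The stock layout is a first section with no raw data but a large virtual size (the area the stub unpacks into), the entry point in the second section where the stub lives, the UPX0/UPX1 names, and the "UPX!" PackHeader magic; a modified build keeps the layout but renames the sections or patches the magic. The three PE headers are constructed fixtures built by build_pe, not bytes from loader.exe.

```python
"""Static UPX indicators for a PE file, read from its section headers.

Added illustration for the 'UPX packed file' signature in this report; not
code from the sandbox or from the sample, and the three PE headers below are
constructed fixtures, not bytes from loader.exe. Real use is
upx_indicators(open(path, "rb").read()).
"""
import struct

SECTION_HDR = struct.Struct("<8sIIIIIIHHI")  # IMAGE_SECTION_HEADER, 40 bytes


def parse_sections(data):
    """Return (AddressOfEntryPoint, [section dicts]) from a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsections = struct.unpack_from("<H", data, pe_off + 6)[0]
    opt_size = struct.unpack_from("<H", data, pe_off + 20)[0]
    opt_off = pe_off + 24                       # optional header follows the COFF header
    entry_rva = struct.unpack_from("<I", data, opt_off + 16)[0]
    sections = []
    for i in range(nsections):
        fields = SECTION_HDR.unpack_from(data, opt_off + opt_size + i * SECTION_HDR.size)
        sections.append({"name": fields[0].rstrip(b"\0").decode("latin-1"),
                         "vsize": fields[1], "vaddr": fields[2],
                         "rawsize": fields[3], "rawptr": fields[4]})
    return entry_rva, sections


def upx_indicators(data):
    """Classify a PE as stock UPX, UPX-like (modified build), or neither."""
    entry_rva, secs = parse_sections(data)
    upx_named = [s["name"] for s in secs if s["name"].upper().startswith("UPX")]
    entry_sec = next((s for s in secs
                      if s["vaddr"] <= entry_rva < s["vaddr"] + max(s["vsize"], s["rawsize"])),
                     None)
    # Stock UPX layout: UPX0 has no raw data (the stub unpacks into it) but a
    # large virtual size, and the entry point sits in UPX1 with the stub.
    hollow_first = bool(secs) and secs[0]["rawsize"] == 0 and secs[0]["vsize"] > 0
    entry_in_second = len(secs) >= 2 and entry_sec is secs[1]
    magic = b"UPX!" in data                     # PackHeader magic stock UPX leaves behind
    if upx_named and magic:
        verdict = "upx"
    elif hollow_first and entry_in_second:
        verdict = "upx-like: renamed sections or patched magic, expect upx -d to fail"
    else:
        verdict = "no UPX layout"
    return {"verdict": verdict, "upx_sections": upx_named,
            "entry_section": entry_sec["name"] if entry_sec else None,
            "hollow_first_section": hollow_first, "upx_magic": magic}


def build_pe(sections, entry_rva, tail=b""):
    """Assemble a minimal PE32 header for the fixtures (no real code inside)."""
    opt = bytearray(224)                        # PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)       # Magic: PE32
    struct.pack_into("<I", opt, 16, entry_rva)  # AddressOfEntryPoint
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x102)
    hdrs = b"".join(SECTION_HDR.pack(n.encode().ljust(8, b"\0"), vs, va, rs, rp, 0, 0, 0, 0, ch)
                    for n, vs, va, rs, rp, ch in sections)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)   # e_lfanew = 64
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs + tail


# Constructed fixtures: section tuples are (name, VirtualSize, VirtualAddress,
# SizeOfRawData, PointerToRawData, Characteristics).
STOCK_UPX = build_pe([("UPX0", 0x100000, 0x1000, 0, 0x400, 0xE0000080),
                      ("UPX1", 0x8000, 0x101000, 0x7A00, 0x400, 0xE0000040),
                      (".rsrc", 0x1000, 0x109000, 0x600, 0x7E00, 0xC0000040)],
                     entry_rva=0x108A00, tail=b"UPX!")
MODIFIED_UPX = build_pe([(".text0", 0x100000, 0x1000, 0, 0x400, 0xE0000080),
                         (".text1", 0x8000, 0x101000, 0x7A00, 0x400, 0xE0000040),
                         (".rsrc", 0x1000, 0x109000, 0x600, 0x7E00, 0xC0000040)],
                        entry_rva=0x108A00)
PLAIN_PE = build_pe([(".text", 0x5000, 0x1000, 0x5000, 0x400, 0x60000020),
                     (".data", 0x1000, 0x6000, 0x600, 0x5400, 0xC0000040)],
                    entry_rva=0x1200)

if __name__ == "__main__":
    for label, blob in (("stock", STOCK_UPX), ("modified", MODIFIED_UPX), ("plain", PLAIN_PE)):
        print(label, upx_indicators(blob)["verdict"])
```

The "upx-like" verdict is the one to act on for a sample like this: it tells the analyst that unpacking with the stock tool is not worth trying and that the next step is to let the stub run under a debugger or sandbox and dump the process once execution reaches the original entry point in the first section.
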
MITRE ATT&CK Enterprise v15

Tasks