Overview

overview

10

Static

static

10

fd27b6586c...cd.dll

windows7-x64

9

fd27b6586c...cd.dll

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fd27b6586c5d693148cdadcb356188fa5daeb795e99a2fce9325d02f638f8ccd

  • Size

    76KB

  • Sample

    240620-gj7qgawhpp

  • MD5

    5bfa6b90da893064f0deca4e653f2be0

  • SHA1

    2eec9b7149bac6a0b35ecb2bc0b29113f8bdd826

  • SHA256

    fd27b6586c5d693148cdadcb356188fa5daeb795e99a2fce9325d02f638f8ccd

  • SHA512

    dfc470ef48c98e3d0dfbcee6b338b462eb921b5858d135c2d3cdac1134cd783e3af0f7d1f75342f5c4c612c9c339d87a8090be759834f340f810efd8203eb520

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZfbdyziJ:c8y93KQjy7G55riF1cMo039TJ

Score
10/10
persistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      fd27b6586c5d693148cdadcb356188fa5daeb795e99a2fce9325d02f638f8ccd

    • Size

      76KB

    • MD5

      5bfa6b90da893064f0deca4e653f2be0

    • SHA1

      2eec9b7149bac6a0b35ecb2bc0b29113f8bdd826

    • SHA256

      fd27b6586c5d693148cdadcb356188fa5daeb795e99a2fce9325d02f638f8ccd

    • SHA512

      dfc470ef48c98e3d0dfbcee6b338b462eb921b5858d135c2d3cdac1134cd783e3af0f7d1f75342f5c4c612c9c339d87a8090be759834f340f810efd8203eb520

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZfbdyziJ:c8y93KQjy7G55riF1cMo039TJ

    Score
    9/10
    upxpersistenceprivilege_escalation

    • UPX dump on OEP (original entry point)

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks