General

  • Target

    ce8b0198e4effed15dbcdf537395e1eded60f44f0bb3a5e9a0823f0174c676ee

  • Size

    8.2MB

  • Sample

    240707-pf52gavalb

  • MD5

    061e377b2614c38430cc457bfa68a8ab

  • SHA1

    36185c716f0c1092239b2c88d80ee5292cfb3c44

  • SHA256

    ce8b0198e4effed15dbcdf537395e1eded60f44f0bb3a5e9a0823f0174c676ee

  • SHA512

    04acbf0823508e46989341a2143985c49fea6630bd9af06828833590f742157e3bf209b56db7d660d4653513ed196b5e470c53c478c32ff6994c80df254fa95f

  • SSDEEP

    196608:evJIMD7WI2cy8JS8jf2FkBj+auMPC3PG9lrjQgPTZZ:OJI/I2j8JS8jFKaRC3enTZZ

Score
8/10

Malware Config

Targets

    • Drops file in Drivers directory

    • Sets service image path in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

MITRE ATT&CK Enterprise v15

Tasks