General

  • Target

    8edc229276235f28da6a7c4badbef360N.exe

  • Size

    11KB

  • Sample

    240727-esttvswhmn

  • MD5

    8edc229276235f28da6a7c4badbef360

  • SHA1

    d31e42f6895b6b18229374f5616586fb36b24862

  • SHA256

    b023d1cfb273b515a30b82298c5fcaa7b5a6f6e7d8d85b9ba4e5204944b06f64

  • SHA512

    ad61a6ed08e8be07c4fb9a329cc978412604e93d3cde7a9e4287878d47468963e574c4938084111facba6b7b581790b9d23ce19b65a0e2daeaae14264cc3e04a

  • SSDEEP

    192:y5085ewGKJM3+CKPJXV1CGgNMIGIV/4zM/i/rH2Y0u2tbOVhHNMAPabg:y5fHBl1mxGIVg+KHf8aVhtMA4g

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
