Overview

overview

10

Static

static

7

eb421f2c28...0N.exe

windows7-x64

10

eb421f2c28...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eb421f2c28d2ba48ec2a57b0c0bc4b50N.exe

  • Size

    71KB

  • Sample

    240816-3s1jeayamk

  • MD5

    eb421f2c28d2ba48ec2a57b0c0bc4b50

  • SHA1

    b83863f88a0a0ca00aee6eaf8a4bedf86fe4a982

  • SHA256

    212a2df0ad730780bc65b8eeeca945030524e26cbb2b9e8bed4fc048c698d429

  • SHA512

    e3a8ceb12668671ff9f5e079389f19ef7c7c3f2c020f588fb4b588112a3e1e745565e54bf0f82d645f91660a2b1947f477c05e0150f0c6ef90c6745ecaea1705

  • SSDEEP

    1536:EFrmh0HgB3LKrL9AcnQFMc9zwR6i+BGffffffffffffffffffffffffffffffffX:ec0HgB3LCqZMYXBGffffffffffffffff

Score
10/10
discoveryevasionpersistenceupx

Malware Config

Targets

    • Target

      eb421f2c28d2ba48ec2a57b0c0bc4b50N.exe

    • Size

      71KB

    • MD5

      eb421f2c28d2ba48ec2a57b0c0bc4b50

    • SHA1

      b83863f88a0a0ca00aee6eaf8a4bedf86fe4a982

    • SHA256

      212a2df0ad730780bc65b8eeeca945030524e26cbb2b9e8bed4fc048c698d429

    • SHA512

      e3a8ceb12668671ff9f5e079389f19ef7c7c3f2c020f588fb4b588112a3e1e745565e54bf0f82d645f91660a2b1947f477c05e0150f0c6ef90c6745ecaea1705

    • SSDEEP

      1536:EFrmh0HgB3LKrL9AcnQFMc9zwR6i+BGffffffffffffffffffffffffffffffffX:ec0HgB3LCqZMYXBGffffffffffffffff

    Score
    10/10
    discoveryevasionpersistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks