Overview

overview

10

Static

static

1

da6a32eecd...0N.exe

windows7-x64

10

da6a32eecd...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    da6a32eecd1e16f98756e915877797f0N.exe

  • Size

    209KB

  • Sample

    240818-kjamhsvfkg

  • MD5

    da6a32eecd1e16f98756e915877797f0

  • SHA1

    04bc4f201dc8d323b639354ba0343a355c8c09fe

  • SHA256

    1cf250e6d2cc9f234157f9ca6cbfb44069a662634a7aa9dfdf50808b6094e64c

  • SHA512

    693cfd768f852a3942b9670179d100cc4b885555b1ef546bbbf6514f86b9480e181e90326356faf19c15f5a121256b01d9f410d49616c1545d45e8753a291f33

  • SSDEEP

    3072:GQcjk9tVRNIcjb4Ryfjijjx14hdeCXHKPJFo9zpE7Di0X0JuLL+o7BlpF9e:GQh9tVRm2kh34hdeCkcG7DEALLlnN

Score
10/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      da6a32eecd1e16f98756e915877797f0N.exe

    • Size

      209KB

    • MD5

      da6a32eecd1e16f98756e915877797f0

    • SHA1

      04bc4f201dc8d323b639354ba0343a355c8c09fe

    • SHA256

      1cf250e6d2cc9f234157f9ca6cbfb44069a662634a7aa9dfdf50808b6094e64c

    • SHA512

      693cfd768f852a3942b9670179d100cc4b885555b1ef546bbbf6514f86b9480e181e90326356faf19c15f5a121256b01d9f410d49616c1545d45e8753a291f33

    • SSDEEP

      3072:GQcjk9tVRNIcjb4Ryfjijjx14hdeCXHKPJFo9zpE7Di0X0JuLL+o7BlpF9e:GQh9tVRm2kh34hdeCkcG7DEALLlnN

    Score
    10/10
    discoverypersistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Modifies WinLogon

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks