Overview

overview

7

Static

static

3

6ced6b3179...0N.exe

windows7-x64

7

6ced6b3179...0N.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    6ced6b3179b504f1bd0ec50341d57f80N.exe

  • Size

    208KB

  • Sample

    240821-wfbwysscpc

  • MD5

    6ced6b3179b504f1bd0ec50341d57f80

  • SHA1

    14ac437d630acec9a10e50c0d69869dfae1a2a2e

  • SHA256

    a364803d85f95d3aa6acb198924173dac762356930bf79b362e058f37aea90b2

  • SHA512

    78361b48bc8b60604966729215d683eda270daf1d17e2a526ffc27877b2ad59c7f375152f692aad0c66c15fab4b0101e671b22823ed77f8cce43a43e27fa154c

  • SSDEEP

    1536:+fuxw10lxJM5y8w5OZRVmgyDl+cWaxJcveQZNTRSb3EBAR1AlQPsxjheYhpXN5yh:a0OtF2Qo7VsJgisxlYegEX0ZZbW

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      6ced6b3179b504f1bd0ec50341d57f80N.exe

    • Size

      208KB

    • MD5

      6ced6b3179b504f1bd0ec50341d57f80

    • SHA1

      14ac437d630acec9a10e50c0d69869dfae1a2a2e

    • SHA256

      a364803d85f95d3aa6acb198924173dac762356930bf79b362e058f37aea90b2

    • SHA512

      78361b48bc8b60604966729215d683eda270daf1d17e2a526ffc27877b2ad59c7f375152f692aad0c66c15fab4b0101e671b22823ed77f8cce43a43e27fa154c

    • SSDEEP

      1536:+fuxw10lxJM5y8w5OZRVmgyDl+cWaxJcveQZNTRSb3EBAR1AlQPsxjheYhpXN5yh:a0OtF2Qo7VsJgisxlYegEX0ZZbW

    Score
    7/10
    discoverypersistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks