Resubmissions

28/08/2024, 13:49

240828-q4rpeszhph (score 10)

28/08/2024, 13:44

240828-q1vlxazgqd (score 10)

General

  • Target

    source_prepared.exe

  • Size

    76.9MB

  • Sample

    240828-q1vlxazgqd

  • MD5

    f37413e3090a2ec9f205a314cfaaff72

  • SHA1

    dd1e8e4228320f3546de43b332e0bf8d1acd6b7c

  • SHA256

    b909173922bb983f65f3c7b90595d5590e1d9783b23c96633b8353e104a74195

  • SHA512

    bbaeb15bf5678d29ab689deee33ae2392fe1428e24a76cfecb68216ce0d870d912108d8257d621eb4b89097584bdb412c4150639a12eb6ec90608641f0eab605

  • SSDEEP

    1572864:7vHcRlKW5h7vXSk8IpG7V+VPhqYdfME7tlHegiYweyJulZUdghhureDEjV37U:7vHcRY6hTSkB05awcfLdMpuFhurOQo

Malware Config

Targets

    • Target

      source_prepared.exe (the same file as in General above; its size and hashes are listed there)

    • Enumerates VirtualBox DLL files

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes so that the sample and its dropped files are not scanned.

    • Sets file to hidden

      Sets the hidden attribute on a file so that it is not shown in Explorer and other directory listings by default.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      The executable is packed with UPX, or a modified build of it (an open-source packer); static analysis needs the file unpacked first.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2
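Three of the behaviours above (the PowerShell Defender-exclusion command, setting the hidden attribute, and the Run key) are the ones a host-based detection can catch directly. The script below is an added example, not the sandbox's own signatures or code from the sample: it runs simple classification rules over a handful of constructed Sysmon-style events (event ID 1 = process create with a command line, event ID 13 = registry value set with a target object). The event shape, the rule regexes, the SID, paths and value names in the sample events are all assumptions made for illustration.

```python
"""Constructed example: classify Sysmon-like events against three behaviours
named in the report above. Event layout, rule names and sample data are
assumptions for illustration, not the sandbox's own signatures."""
import re
from dataclasses import dataclass

# Case-insensitive because PowerShell cmdlets and parameters are.
DEFENDER_EXCLUSION = re.compile(
    r"(Add|Set)-MpPreference\b.*-Exclusion(Path|Extension|Process)\b", re.I)
# Matches HKCU/HKLM Run and RunOnce keys, including the Wow6432Node view.
RUN_KEY = re.compile(
    r"\\(Software\\(Wow6432Node\\)?)?Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
# attrib.exe with a +h (set hidden) switch anywhere on the command line.
ATTRIB_HIDDEN = re.compile(r"\battrib(\.exe)?\b.*\s\+h\b", re.I)


@dataclass
class Event:
    event_id: int   # Sysmon event ID: 1 = process create, 13 = registry value set
    image: str      # process image path
    detail: str     # CommandLine for EID 1, TargetObject (registry path) for EID 13


def classify(ev):
    """Return the report behaviour labels this single event triggers (may be empty)."""
    hits = []
    if ev.event_id == 1:
        is_powershell = ev.image.lower().endswith(("powershell.exe", "pwsh.exe"))
        if is_powershell and DEFENDER_EXCLUSION.search(ev.detail):
            hits.append("Command and Scripting Interpreter: PowerShell (Defender exclusion)")
        if ATTRIB_HIDDEN.search(ev.detail):
            hits.append("Sets file to hidden")
    elif ev.event_id == 13 and RUN_KEY.search(ev.detail):
        hits.append("Adds Run key to start application")
    return hits


def scan(events):
    """Run classify() over a sequence of events; returns (index, label) pairs."""
    return [(i, hit) for i, ev in enumerate(events) for hit in classify(ev)]


# Constructed sample events; the SID, paths and value name are made up.
SAMPLE_EVENTS = [
    Event(1, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
          r'powershell.exe -nop -w hidden -c "Add-MpPreference -ExclusionPath C:\Users\Public '
          r'-ExclusionExtension exe -ExclusionProcess source_prepared.exe"'),
    Event(1, r"C:\Windows\System32\attrib.exe",
          r'attrib +h +s "C:\Users\Public\source_prepared.exe"'),
    Event(13, r"C:\Users\Public\source_prepared.exe",
          r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater"),
    # Benign control: reads Defender settings but adds no exclusion.
    Event(1, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
          r"powershell.exe -c Get-MpPreference"),
]

if __name__ == "__main__":
    for idx, label in scan(SAMPLE_EVENTS):
        print(f"event {idx}: {label}")
```

The rules are deliberately narrow: the exclusion rule requires both an MpPreference cmdlet and an -Exclusion* parameter so that a plain Get-MpPreference does not fire, and the Run key rule keys on the registry path rather than the writing process, since the sample may add the value via its own process or via reg.exe. In a real deployment the same regexes would be applied to PowerShell script block logs (event 4104) as well, because the command line of a process is easily obfuscated.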

MITRE ATT&CK Enterprise v15

Tasks