Overview

overview

8

Static

static

7

0f58dcb7f9...bf.exe

windows7-x64

8

0f58dcb7f9...bf.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    0f58dcb7f9d497f3fa44278f49ddcc45143a6e732af2a43573d21d390db407bf

  • Size

    1.0MB

  • Sample

    240828-xfylds1ajf

  • MD5

    51a313acb33f843bc7c9a8c511d5b282

  • SHA1

    531ebda066e9fd03bde93840731fb6eb9e67698b

  • SHA256

    0f58dcb7f9d497f3fa44278f49ddcc45143a6e732af2a43573d21d390db407bf

  • SHA512

    d7981baf6c6296976aa2e8db35f747e8bdb1b3aceaf1d720afe73d3a006a5c12bfbf4e909af264acffc41e9b512d80153218281ecdfc95fd03250da893c86648

  • SSDEEP

    24576:v6Zv2ivhBVnFys7xP86LXtqWJ/eroQm2S7TmI7pnb:vE2ivhQs7dLX/Jyb7S7TmI7pb

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      0f58dcb7f9d497f3fa44278f49ddcc45143a6e732af2a43573d21d390db407bf

    • Size

      1.0MB

    • MD5

      51a313acb33f843bc7c9a8c511d5b282

    • SHA1

      531ebda066e9fd03bde93840731fb6eb9e67698b

    • SHA256

      0f58dcb7f9d497f3fa44278f49ddcc45143a6e732af2a43573d21d390db407bf

    • SHA512

      d7981baf6c6296976aa2e8db35f747e8bdb1b3aceaf1d720afe73d3a006a5c12bfbf4e909af264acffc41e9b512d80153218281ecdfc95fd03250da893c86648

    • SSDEEP

      24576:v6Zv2ivhBVnFys7xP86LXtqWJ/eroQm2S7TmI7pnb:vE2ivhQs7dLX/Jyb7S7TmI7pb

    Score
    8/10
    discoverypersistenceupx

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Executes dropped EXE

    • Modifies system executable filetype association

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks