General

  • Target

    68656e01d03e5f90ea21e08f5d95c0a7c2662d81f44414132937288bbe38d50b

  • Size

    369KB

  • Sample

    240908-nq7glstenl

  • MD5

    20ca2de33f9737fb1c642b8254a4a256

  • SHA1

    6c75ed5994fc585588cd41db4152e68e23b350cb

  • SHA256

    68656e01d03e5f90ea21e08f5d95c0a7c2662d81f44414132937288bbe38d50b

  • SHA512

    b4e590a1002cd3a09cdddc9e41b961622e79b4a8612935a75256733a2eac10a240649cc6a132fa48879e6e93dc05e4343c178cd75d883be31335d0821e17770d

  • SSDEEP

    6144:RdA9Yig3taiihxwlx+adsOZvjX1ebCKbEFoK9LOdQtFBoPesIs:CYig1+mlkOZ7qCKqLL7oPesIs

Targets

    • Stops running service(s)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
