General

  • Target

    3f5b0fbbf8281387fa50156b1475271964f5d98b3788be1424f778000dc3a263.exe.000

  • Size

    91KB

  • Sample

    240912-maewzs1hmm

  • MD5

    6cf0be1c084f30d940c08a4835462bb0

  • SHA1

    2feeab23cd078f98fac5ba6f8a28efa0b62df49d

  • SHA256

    3f5b0fbbf8281387fa50156b1475271964f5d98b3788be1424f778000dc3a263

  • SHA512

    c9b4f1f1acd823f16bebc3d0c72de0993d6b3eee5b9fc4103b78734fbb9ff23d116edb4955a93fa14befc78b5212f5d54886edc3dc4f99848535dd0f6c4df006

  • SSDEEP

    1536:mmsAYBdTU9fEAIS2PEtu3ZUKT/HlAZ5NsyavLTWVP0n/W73A5xO:1fY/TU9fE9PEtupUKT/lATFYWd0nOUm

Score
7/10

Targets

    • Target

      3f5b0fbbf8281387fa50156b1475271964f5d98b3788be1424f778000dc3a263.exe.000

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/SelfDel.dll

    • Size

      5KB

    • MD5

      ca8bcdded6b265453cf68bae8bbd0b3a

    • SHA1

      9dbe872ac53e075c0954c882d034aa009c733092

    • SHA256

      299ba97dda721cc9216bda218769eb269a239c8bcf09bd6acc774ff935849184

    • SHA512

      a9b19434c35236a049036f0153a5c7184c95249fdb04ef7605484551d40a8aba37462eb617e96301cd4363a324f0282e26179ce4b78973ca43e0a63b4dffb33c

    • SSDEEP

      48:S17Ql+sbsjAowLVEq1y58vzWLDjjZSeJY8JTaTIUNEyTFS7lr0zsBEaSujrt6EQD:v8sgYLVEX4zwjINxS7xg+TScrQD

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      cff85c549d536f651d4fb8387f1976f2

    • SHA1

      d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    • SHA256

      8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    • SHA512

      531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    • SSDEEP

      192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr

    Score
    3/10
    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      38KB

    • MD5

      a35cdc9cf1d17216c0ab8c5282488ead

    • SHA1

      ed8e8091a924343ad8791d85e2733c14839f0d36

    • SHA256

      a793929232afb78b1c5b2f45d82094098bcf01523159fad1032147d8d5f9c4df

    • SHA512

      0f15b00d0bf2aabd194302e599d69962147b4b3ef99e5a5f8d5797a7a56fd75dd9db0a667cfba9c758e6f0dab9ced126a9b43948935fe37fc31d96278a842bdf

    • SSDEEP

      384:njt65uI9oYzcCaHjl9Cb4I1f0AGhrHXoREnRxtIpH/u0abJ2v2DW9O9tk8ZwkpwD:noHtNQoRSIwTJB6Q/kPyBp6

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      7KB

    • MD5

      675c4948e1efc929edcabfe67148eddd

    • SHA1

      f5bdd2c4329ed2732ecfe3423c3cc482606eb28e

    • SHA256

      1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906

    • SHA512

      61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683

    • SSDEEP

      96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW

    Score
    3/10
