Overview

overview

8

Static

static

7

af4affba1e...9N.exe

windows7-x64

8

af4affba1e...9N.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    af4affba1e7ab44d075346c2d9a37b854e2716c71ab6b6dadee0ea39ff6a35a9N

  • Size

    91KB

  • Sample

    240921-ecgjlatdld

  • MD5

    918fdd97bbe57ae6d033b7842df48cd0

  • SHA1

    4a848e0ee030d080fbf2033897d508dfb4c4c9e6

  • SHA256

    af4affba1e7ab44d075346c2d9a37b854e2716c71ab6b6dadee0ea39ff6a35a9

  • SHA512

    bed1d7e3a2c120109d1d310507aa3a12cf5279bf8711b09d0810cb261b186e0e3e9349787f206cfd8aaf815adbfec37ddaa48f59b78d91588b5ed3a8bc7b17a4

  • SSDEEP

    1536:a0cVivcSyB5ZaDxLIJPCvglmDdNmUc1l+BCqKl7NeYRNd:aOcSynJPCvg+mUcb+BCqKHeqd

Score
8/10
discoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      af4affba1e7ab44d075346c2d9a37b854e2716c71ab6b6dadee0ea39ff6a35a9N

    • Size

      91KB

    • MD5

      918fdd97bbe57ae6d033b7842df48cd0

    • SHA1

      4a848e0ee030d080fbf2033897d508dfb4c4c9e6

    • SHA256

      af4affba1e7ab44d075346c2d9a37b854e2716c71ab6b6dadee0ea39ff6a35a9

    • SHA512

      bed1d7e3a2c120109d1d310507aa3a12cf5279bf8711b09d0810cb261b186e0e3e9349787f206cfd8aaf815adbfec37ddaa48f59b78d91588b5ed3a8bc7b17a4

    • SSDEEP

      1536:a0cVivcSyB5ZaDxLIJPCvglmDdNmUc1l+BCqKl7NeYRNd:aOcSynJPCvg+mUcb+BCqKHeqd

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks