General

  • Target

    d918e3e78a25986e395c1c2ac02fe322d3cdb887e6ace4ce0a9a4bfdad695410

  • Size

    663KB

  • Sample

    240925-264ybatakn

  • MD5

    64ba951987cc51900db5f1f35d5e836d

  • SHA1

    25efcd9c5e536c2223bd36714da20da29441880f

  • SHA256

    d918e3e78a25986e395c1c2ac02fe322d3cdb887e6ace4ce0a9a4bfdad695410

  • SHA512

    e92844700b8d67ca37c231c1117289af0771ec6a7c88b1f3f96fc9d43a3a578bcdb7e9e55fd88a483317d5482e4f755b1f7733aca373fba049fb2f2c412c3710

  • SSDEEP

    12288:zfIQEkONm1fwD6C3BPFEWUVsj/pqviXDXK2L:z3NF1fw6iQipqvGVL

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    Score
    10/10
    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks