Resubmissions

  • 27/09/2024, 01:04  240927-be5sesxckq  10
  • 27/09/2024, 01:04  240927-bez7yaxckj  10
  • 27/09/2024, 01:03  240927-bevmfsxcjp  10
  • 27/09/2024, 01:03  240927-bepffazdkf  10
  • 27/09/2024, 00:38  240927-azcrpswdrm  10
  • 02/02/2024, 22:48  240202-2rfxyaaef9  10
  • 02/02/2024, 22:47  240202-2qptfsaed6  10
  • 02/02/2024, 22:43  240202-2nntdacffn  10
  • 02/02/2024, 22:40  240202-2lqvysceen  10
  • 02/02/2024, 22:36  240202-2jk7paabb9  10

General

  • Target: cc_generator_by_ShadowGEN.rar
  • Size: 8.0MB
  • Sample: 240927-be5sesxckq
  • MD5: 715cd5f4dda1340f318cbd1a23fb8b19
  • SHA1: 6c444be2f53f1e5839b610f8a09b0deee17974cf
  • SHA256: 323ca1b9c1ca4d8469502f617059fe81aa2758cd3891dddcd9de3d05b72cbbb2
  • SHA512: e0dcfabef10d0b2bc9c90ecb74f673121cdb19ec07c46a0b64bf72678039b1a582e11a79953422943bbfb645aa0dab5c2a89852f1718229d6095e863ec18d41b
  • SSDEEP: 196608:iB4mOfeuAUkcy+HLjM0Shh/XmIBwUezbaQujEkPev:iB/Ofeu3kwE0Wh+ImUUbaXIk2v


Targets

    • Target: cc generator by ShadowGEN.exe
    • Size: 8.2MB
    • MD5: 0aaa4e1cd422a7e8c53f550a051abcda
    • SHA1: d834c15b6e362e2d5ba96c5efad3705ed2ebb029
    • SHA256: 91f52cd923422fd8270f23583da67bdc3564546ac2b4d28c2f1fca46eb6f8c91
    • SHA512: 4a5572d2db20b7b4b0e88c8110c5e6d356fb055a929472c15643d5effc2b247eec87b4da1d3156606d0ea5a4da48485244673ef505f441ace2f683398e9ccaba
    • SSDEEP: 196608:XV1EzRHRrIeLjv+bhqNVoB8Ck5c7GpNlpq41J2ySENNkfWHio6+9zsf:LstL+9qz88Ck+7q3p91JmJ8M+9Yf

    • Command and Scripting Interpreter: PowerShell
      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Loads dropped DLL

    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

    • UPX packed file
      Detects executables packed with the UPX open source packer or a modified UPX.

MITRE ATT&CK Enterprise v15
