General

  • Target

    d1019417d961765922b7c369d259c676b351005dbcc7abcc4e6521112ffedf29N

  • Size

    18KB

  • Sample

    241005-d7w24atbnq

  • MD5

    a23b735545b5fd24a99fd39d5009e7f0

  • SHA1

    710ebd9d0a8dc5b974af2cc361a95f485399afba

  • SHA256

    d1019417d961765922b7c369d259c676b351005dbcc7abcc4e6521112ffedf29

  • SHA512

    04834223d0dc29dde1a2d42def7685cad3a1ed8a1d52405f7161cb75eab3bc5f5d719a2273c35704e96acf87f378513f045279551aa46282d9b616bfdb15dbdd

  • SSDEEP

    384:i+o1mT+ZB+yEbSsRu/4fvwsIGUygNti8QLs/LDkNa+rNTFDKB3:i/1mT+LEbTu/6osIpNtiWfCZ/+

Score
10/10

Malware Config

Extracted

  • Language

    ps1 (deobfuscated)

  • URLs (exe.dropper)

    https://cdn.jsdelivr.net/gh/i87924hgasdhg/hgytiryty/bboxfull

Targets

    • Target

      d1019417d961765922b7c369d259c676b351005dbcc7abcc4e6521112ffedf29N

    Score
    10/10
    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
