General

  • Target

    SeroXen PAID.exe

  • Size

    23.0MB

  • Sample

    241016-w2zj5sydjr

  • MD5

    80375ea248f77cac74f4a7cd0fd495b2

  • SHA1

    1d84b25ae76d851e77d0258216d9b9f07064246d

  • SHA256

    41f4d1e8e488c7e20bc0ecd8084e3fbdeab8c48439c79e510ae63da3564afec3

  • SHA512

    53c32b9361dbd7fb7fbe4ae36f6c99acd65978d0149dbf528b44fab140d7f7144305d204767c5f81dc587354a9fec96f0b56e0f2f3778f4ddb49fc05aec6254e

  • SSDEEP

    98304:A0EtdFBgwzQamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RAPMPd31MwTg:AjF3eN/FJMIDJf0gsAGK4RAkPUwTg

Malware Config

Targets

    • Target

      SeroXen PAID.exe

    • Size

      23.0MB

    • MD5

      80375ea248f77cac74f4a7cd0fd495b2

    • SHA1

      1d84b25ae76d851e77d0258216d9b9f07064246d

    • SHA256

      41f4d1e8e488c7e20bc0ecd8084e3fbdeab8c48439c79e510ae63da3564afec3

    • SHA512

      53c32b9361dbd7fb7fbe4ae36f6c99acd65978d0149dbf528b44fab140d7f7144305d204767c5f81dc587354a9fec96f0b56e0f2f3778f4ddb49fc05aec6254e

    • SSDEEP

      98304:A0EtdFBgwzQamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RAPMPd31MwTg:AjF3eN/FJMIDJf0gsAGK4RAkPUwTg

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      � ,����.pyc

    • Size

      857B

    • MD5

      c699233aa5de36bc26cb3f4921249d99

    • SHA1

      dc9c3d6950ce25d0c18599f351638574da8c3791

    • SHA256

      2d1eb371808cafb029b02c8678a28b8f25a6c0c92b249678ec5dc6e3049e0296

    • SHA512

      261484e188a3f2366992d38309d58c8e136387a95744ce91c1dbf91667b3b63b138d2e858b830fe3a3a0a1f71c2e8f85221dc45d54c6883cb59f71cbd90ce8ee

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks