General

  • Target

    test.exe

  • Size

    8.2MB

  • Sample

    241017-y9vx2avbrf

  • MD5

    66948dc3bd746cc19442567689068f2f

  • SHA1

    dd0e63e1ab6f570b54d70fd8d650a84ece299e03

  • SHA256

    ff19acdf43b4a491cc2e3932ab5c2fbe3866618a9365200ca8e06a00ec778b53

  • SHA512

    7ee9b66dd055ed84f0f575c19968f0f415ce0f7aa95fc6d8aa82c3bdaf37559088b29595046cd7a5d3684dd3aad9cb5f028a015eeb6befb91e22ac4601088491

  • SSDEEP

    196608:KDuyqZcwfI9jUC2XMvH8zPjweaBpZ0cISEu2ooccXK7oSn:vFIH2XgHq+jq283YoS

Malware Config

Targets

    • Target

      test.exe

    • Command and Scripting Interpreter: PowerShell

      Uses the powershell.exe command interpreter.

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks