General

  • Target

    Eulen_Installer.exe

  • Size

    30.0MB

  • Sample

    241020-yzq64azcrl

  • MD5

    64494dd0a8e20fc34bda9c644ef36d47

  • SHA1

    057130e50d344d8592b80a52706200e36ae0a83a

  • SHA256

    493cc4bf408ad8893f677d6f3f397e47d42dad768bde97845b7b6547b857eb25

  • SHA512

    3ab70f5880ceecc82045e8409292572912434d7c11f51284878de80df8e0d164bdb2983e4212c63bb85bc533b5eec03cf032b10af4ceecf0d43eb1048a3115f1

  • SSDEEP

    98304:ybMcUhurErvz81LpWjjUlLkvzgXO9hAlaYrzzuJZYJ1JIuIHKU73bcgVowgp:ycurErvI9pWjgyvoaYrE41JIuIqoxkp

Targets

    • Target

      Eulen_Installer.exe

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
