General

  • Target

    ec4c22a803ac608611df5b4fe38c6b4665a5d1fbc24d2bfeb4abfe655d7b9da5.exe

  • Size

    5.4MB

  • Sample

    241120-yf6sfa1gjb

  • MD5

    711cd445a34c9892e76a82270ad46a24

  • SHA1

    e008839ab63d36226193f8d39677a210c42ae140

  • SHA256

    ec4c22a803ac608611df5b4fe38c6b4665a5d1fbc24d2bfeb4abfe655d7b9da5

  • SHA512

    3788121e4d151a1031fb6d00baa62241b2bc3e45f642f03ddf9e480093bc07eea9ef61f0264afb7f509383b844aa96cb0f0ab6929b2dc3fc70e616139afdd752

  • SSDEEP

    98304:p8sjk3hRWieWT0ywsagZ9VeXD3OKvRbgyNMY/HzrCU7vXGa:PjYhRPeWvnzwrOjy9//xTXf

Targets

    • Possible privilege escalation attempt

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.
