Overview

overview

10

Static

static

10

1674ee6332...c3.dll

windows7-x64

5

1674ee6332...c3.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1674ee633277f64fe9d22ff5d42ff0c19668fe6efe805886036a36bf12f351c3

  • Size

    76KB

  • Sample

    241211-ymankswmhy

  • MD5

    3e0225bbfe63e29160b0f9ff333347a5

  • SHA1

    3b65b9df0c218b709a31102f5a9289342dc91d0e

  • SHA256

    1674ee633277f64fe9d22ff5d42ff0c19668fe6efe805886036a36bf12f351c3

  • SHA512

    cd817aea441cd3c062170a412b0b07b48b3f3d14e3ab7e7a5f9824834f772a09bdbfcb9aaf4414232e7e21981c6b21d9e9c0ffbb7392451671ebcda23bef6b20

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZRAc:c8y93KQjy7G55riF1cMo03rp

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      1674ee633277f64fe9d22ff5d42ff0c19668fe6efe805886036a36bf12f351c3

    • Size

      76KB

    • MD5

      3e0225bbfe63e29160b0f9ff333347a5

    • SHA1

      3b65b9df0c218b709a31102f5a9289342dc91d0e

    • SHA256

      1674ee633277f64fe9d22ff5d42ff0c19668fe6efe805886036a36bf12f351c3

    • SHA512

      cd817aea441cd3c062170a412b0b07b48b3f3d14e3ab7e7a5f9824834f772a09bdbfcb9aaf4414232e7e21981c6b21d9e9c0ffbb7392451671ebcda23bef6b20

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZRAc:c8y93KQjy7G55riF1cMo03rp

    Score
    8/10
    discoveryupxpersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks