Overview

overview

10

Static

static

10

5f1bdc14ca...05.dll

windows7-x64

6

5f1bdc14ca...05.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5f1bdc14ca8d568993c8786c8b259fa57921beee87189ccc016adcf158066305

  • Size

    80KB

  • Sample

    241216-2tnesssnaw

  • MD5

    d4fed2e5cebf432b62ea20a76ca31624

  • SHA1

    e22ca4f896d0196295f422202bf061c5df817d57

  • SHA256

    5f1bdc14ca8d568993c8786c8b259fa57921beee87189ccc016adcf158066305

  • SHA512

    0ac0ddde049f9235fdad2c4f32b6750ab377d3b3efb9aa20c705d35ceb8cb9c08872bca312880359da69e33fd1f7e8b250b605ed6e2a8e5f536c7a071bf9f14e

  • SSDEEP

    1536:5POOhfbOjovgdVydUgoNrwBZXGDaZ1QIxrfItMgR7ZaO+fGxHZPEz1:5dbwovEVyqgoZmZXWfIdQdRaefPe

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      5f1bdc14ca8d568993c8786c8b259fa57921beee87189ccc016adcf158066305

    • Size

      80KB

    • MD5

      d4fed2e5cebf432b62ea20a76ca31624

    • SHA1

      e22ca4f896d0196295f422202bf061c5df817d57

    • SHA256

      5f1bdc14ca8d568993c8786c8b259fa57921beee87189ccc016adcf158066305

    • SHA512

      0ac0ddde049f9235fdad2c4f32b6750ab377d3b3efb9aa20c705d35ceb8cb9c08872bca312880359da69e33fd1f7e8b250b605ed6e2a8e5f536c7a071bf9f14e

    • SSDEEP

      1536:5POOhfbOjovgdVydUgoNrwBZXGDaZ1QIxrfItMgR7ZaO+fGxHZPEz1:5dbwovEVyqgoZmZXWfIdQdRaefPe

    Score
    8/10
    discoveryupxpersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Network Service Discovery

      Attempt to gather information on host's network.

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks