Overview

overview

10

Static

static

10

896e6f2c8d...cN.dll

windows7-x64

5

896e6f2c8d...cN.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    896e6f2c8dace53a18ab91dff659bf0c3091351875686e2a77a61fa82762807cN.exe

  • Size

    76KB

  • Sample

    241216-gv6mjsxnb1

  • MD5

    5028fbe8ba77417ec490cae41b486610

  • SHA1

    0c802aecc30ded274381b197205f7c821ad93fb3

  • SHA256

    896e6f2c8dace53a18ab91dff659bf0c3091351875686e2a77a61fa82762807c

  • SHA512

    079e8a4fb4211267ad4cdc0895fc31db51b7a792ed180bfc49cf02ca2e1db5f13de2da2a4274b5c7aa0857046beede717d2ed83d76d9298c993aa0bac2bc4201

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZRdjkhSQF:c8y93KQjy7G55riF1cMo03PNkhSA

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      896e6f2c8dace53a18ab91dff659bf0c3091351875686e2a77a61fa82762807cN.exe

    • Size

      76KB

    • MD5

      5028fbe8ba77417ec490cae41b486610

    • SHA1

      0c802aecc30ded274381b197205f7c821ad93fb3

    • SHA256

      896e6f2c8dace53a18ab91dff659bf0c3091351875686e2a77a61fa82762807c

    • SHA512

      079e8a4fb4211267ad4cdc0895fc31db51b7a792ed180bfc49cf02ca2e1db5f13de2da2a4274b5c7aa0857046beede717d2ed83d76d9298c993aa0bac2bc4201

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZRdjkhSQF:c8y93KQjy7G55riF1cMo03PNkhSA

    Score
    8/10
    discoveryupxpersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks