Overview

overview

10

Static

static

10

imagelogge...1).exe

windows7-x64

7

imagelogge...1).exe

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    imageloggerbuild (1).exe

  • Size

    7.6MB

  • Sample

    241217-aq38asvqhk

  • MD5

    ce786c4ea9ff7bc2876421360cb2fca9

  • SHA1

    072e7e01cb1ae48315e5f607b95821ae006dfe4b

  • SHA256

    89413cecfc4b40f063be4bcdc56f9b61bbf9688ede87cf41105d5f166d66e68b

  • SHA512

    f6d2b58296070bdd54582fb779349e82bf28ea12b261cf12045a3876912c0779420428b513885bb4c4954ae2af68c3e71919bc0c7877f9cbc7346307ae68f66f

  • SSDEEP

    196608:MmHYawfI9jUCzi4H1qSiXLGVi7DMgpZ3Q0VMwICEc/j9:IIHziK1piXLGVE4Ue0VJp

Score
10/10
blankgrabberdefense_evasiondiscoveryexecutionupx

Malware Config

Targets

    • Target

      imageloggerbuild (1).exe

    • Size

      7.6MB

    • MD5

      ce786c4ea9ff7bc2876421360cb2fca9

    • SHA1

      072e7e01cb1ae48315e5f607b95821ae006dfe4b

    • SHA256

      89413cecfc4b40f063be4bcdc56f9b61bbf9688ede87cf41105d5f166d66e68b

    • SHA512

      f6d2b58296070bdd54582fb779349e82bf28ea12b261cf12045a3876912c0779420428b513885bb4c4954ae2af68c3e71919bc0c7877f9cbc7346307ae68f66f

    • SSDEEP

      196608:MmHYawfI9jUCzi4H1qSiXLGVi7DMgpZ3Q0VMwICEc/j9:IIHziK1piXLGVE4Ue0VJp

    Score
    8/10
    upxdefense_evasiondiscoveryexecution

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

      execution

    • Loads dropped DLL

    • Enumerates processes with tasklist

      discovery

    • Hide Artifacts: Hidden Files and Directories

      defense_evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks