Overview

overview

10

Static

static

10

3f004a3f56...9N.dll

windows7-x64

8

3f004a3f56...9N.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3f004a3f564512b1fdf69ebc1e2176c4a40f8670191c84b7537234b30776d709N.exe

  • Size

    76KB

  • Sample

    241217-mk8l2sxkgw

  • MD5

    e6901b8fefec21c36f2fa85df45780b0

  • SHA1

    a25b65b1db6c1204bd7fe694d6b5c8816f324eb8

  • SHA256

    3f004a3f564512b1fdf69ebc1e2176c4a40f8670191c84b7537234b30776d709

  • SHA512

    067418090346633b939a344f92a045c6ea13d17566e3a187b4f5df14f40c55967ec569abc6978b1578040d82c2ce9f7afa06dbf90155e015105e843314b59487

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZZiqj:c8y93KQjy7G55riF1cMo03vZj

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      3f004a3f564512b1fdf69ebc1e2176c4a40f8670191c84b7537234b30776d709N.exe

    • Size

      76KB

    • MD5

      e6901b8fefec21c36f2fa85df45780b0

    • SHA1

      a25b65b1db6c1204bd7fe694d6b5c8816f324eb8

    • SHA256

      3f004a3f564512b1fdf69ebc1e2176c4a40f8670191c84b7537234b30776d709

    • SHA512

      067418090346633b939a344f92a045c6ea13d17566e3a187b4f5df14f40c55967ec569abc6978b1578040d82c2ce9f7afa06dbf90155e015105e843314b59487

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZZiqj:c8y93KQjy7G55riF1cMo03vZj

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks