Overview

overview

10

Static

static

10

1e06d70d5e...8N.dll

windows7-x64

8

1e06d70d5e...8N.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1e06d70d5e3a8ad0f3bd7c25379873f6dc82a7e764381424b20b0832d82b9918N.exe

  • Size

    76KB

  • Sample

    241220-fbrtls1kel

  • MD5

    e9d88522413bd309b72328f9d92cf280

  • SHA1

    308b668cc8e688d85092882ba8b89ff046475027

  • SHA256

    1e06d70d5e3a8ad0f3bd7c25379873f6dc82a7e764381424b20b0832d82b9918

  • SHA512

    95f279a4dc812bef10a78d438cfb504e5c4b35a6b4d9cef82e34be7b3dbb46fa3679f965a8ea407459d86530c17c70deb396546e5345f3b95843b3aa79704d80

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Z+I/cr:c8y93KQjy7G55riF1cMo03Mnr

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      1e06d70d5e3a8ad0f3bd7c25379873f6dc82a7e764381424b20b0832d82b9918N.exe

    • Size

      76KB

    • MD5

      e9d88522413bd309b72328f9d92cf280

    • SHA1

      308b668cc8e688d85092882ba8b89ff046475027

    • SHA256

      1e06d70d5e3a8ad0f3bd7c25379873f6dc82a7e764381424b20b0832d82b9918

    • SHA512

      95f279a4dc812bef10a78d438cfb504e5c4b35a6b4d9cef82e34be7b3dbb46fa3679f965a8ea407459d86530c17c70deb396546e5345f3b95843b3aa79704d80

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Z+I/cr:c8y93KQjy7G55riF1cMo03Mnr

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks