Overview

overview

10

Static

static

10

af28df8ea9...3d.dll

windows7-x64

8

af28df8ea9...3d.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    af28df8ea9f38d1f8f5de648c105b5ecc6fe1777716c87bcaad0d7436aa63b3d.exe

  • Size

    76KB

  • Sample

    241225-y4apxawlfw

  • MD5

    a4e491914ef0bf54c37659660754ce02

  • SHA1

    7c1d3804bf305f85ee39f9d3dc98151547693f3f

  • SHA256

    af28df8ea9f38d1f8f5de648c105b5ecc6fe1777716c87bcaad0d7436aa63b3d

  • SHA512

    d02974d2a432ef12d26a93f1142f17e53956cd180e20a334ea02c8bb6adcc507094cbbe4b9073184488386a14a042098b849b2ca82ce7b5cc0295a432ccf8c54

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZgSEFDyEX9/bF:c8y93KQjy7G55riF1cMo03uSERdX9p

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      af28df8ea9f38d1f8f5de648c105b5ecc6fe1777716c87bcaad0d7436aa63b3d.exe

    • Size

      76KB

    • MD5

      a4e491914ef0bf54c37659660754ce02

    • SHA1

      7c1d3804bf305f85ee39f9d3dc98151547693f3f

    • SHA256

      af28df8ea9f38d1f8f5de648c105b5ecc6fe1777716c87bcaad0d7436aa63b3d

    • SHA512

      d02974d2a432ef12d26a93f1142f17e53956cd180e20a334ea02c8bb6adcc507094cbbe4b9073184488386a14a042098b849b2ca82ce7b5cc0295a432ccf8c54

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZgSEFDyEX9/bF:c8y93KQjy7G55riF1cMo03uSERdX9p

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks