Overview

overview

10

Static

static

10

0f81d4c21c...c8.dll

windows7-x64

8

0f81d4c21c...c8.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0f81d4c21cbb813868857c3acb01be109b163a701e191ff7984f848a8b2633c8.exe

  • Size

    203KB

  • Sample

    241226-h6f2pszmfn

  • MD5

    03d3ca99ee5a80a94784776ad5b8e67f

  • SHA1

    4e515bc9c20e9018771ff4e9af66acd1746f4a69

  • SHA256

    0f81d4c21cbb813868857c3acb01be109b163a701e191ff7984f848a8b2633c8

  • SHA512

    f8d1fbbbbaeb8db790e5a29d7a2dc28d01217a2c7bebd555d78dacf333928b0d2dfab644caf1e20e385e2e1514f5ff3e58ef9168ac063aae1e5634fb3f6d8a44

  • SSDEEP

    3072:hJ8IMILmCa3yx6oFEdgVXnFYf7C9Ugfxm3Nep9viME1Ni:0kmCaiEoFEd+FYOtxmdeviME1Ni

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      0f81d4c21cbb813868857c3acb01be109b163a701e191ff7984f848a8b2633c8.exe

    • Size

      203KB

    • MD5

      03d3ca99ee5a80a94784776ad5b8e67f

    • SHA1

      4e515bc9c20e9018771ff4e9af66acd1746f4a69

    • SHA256

      0f81d4c21cbb813868857c3acb01be109b163a701e191ff7984f848a8b2633c8

    • SHA512

      f8d1fbbbbaeb8db790e5a29d7a2dc28d01217a2c7bebd555d78dacf333928b0d2dfab644caf1e20e385e2e1514f5ff3e58ef9168ac063aae1e5634fb3f6d8a44

    • SSDEEP

      3072:hJ8IMILmCa3yx6oFEdgVXnFYf7C9Ugfxm3Nep9viME1Ni:0kmCaiEoFEd+FYOtxmdeviME1Ni

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks