Overview

overview

10

Static

static

10

749bb62e50...1f.dll

windows7-x64

8

749bb62e50...1f.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    749bb62e50da22f25a6eccbe24ce8eb79d2233bb3e3d23e4297f92e0528f991f.exe

  • Size

    203KB

  • Sample

    241231-2yh1wawndn

  • MD5

    7f52395a7250044a0e64494e65fe6009

  • SHA1

    cc89798d6d9d78b2e709c5f161c0a4f7994afc8b

  • SHA256

    749bb62e50da22f25a6eccbe24ce8eb79d2233bb3e3d23e4297f92e0528f991f

  • SHA512

    560cde760f6bc74d05f109b4133eec3b063bff22ffbd4e8f6d33aabaaf39e6e9e490fda071691efd0efab50f5593d00752b3906a94affac124deb0c8e260207e

  • SSDEEP

    3072:hJ8IMILmCa3yx6oFEdgVXnFYf7C9Ugfxm3Nep9viMxEu:0kmCaiEoFEd+FYOtxmdeviMCu

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      749bb62e50da22f25a6eccbe24ce8eb79d2233bb3e3d23e4297f92e0528f991f.exe

    • Size

      203KB

    • MD5

      7f52395a7250044a0e64494e65fe6009

    • SHA1

      cc89798d6d9d78b2e709c5f161c0a4f7994afc8b

    • SHA256

      749bb62e50da22f25a6eccbe24ce8eb79d2233bb3e3d23e4297f92e0528f991f

    • SHA512

      560cde760f6bc74d05f109b4133eec3b063bff22ffbd4e8f6d33aabaaf39e6e9e490fda071691efd0efab50f5593d00752b3906a94affac124deb0c8e260207e

    • SSDEEP

      3072:hJ8IMILmCa3yx6oFEdgVXnFYf7C9Ugfxm3Nep9viMxEu:0kmCaiEoFEd+FYOtxmdeviMCu

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks