Overview

overview

10

Static

static

10

55af279dba...cN.dll

windows7-x64

5

55af279dba...cN.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    55af279dba074291c6f1a7511742bac06b54f00e17501ff93105f3ed0357c91cN.exe

  • Size

    203KB

  • Sample

    241231-bwnkgaznhz

  • MD5

    d79b32b5013a5fe0291cc3d19b262ce0

  • SHA1

    ffce8a5d68adff68146c319eed8554732a7e3f3f

  • SHA256

    55af279dba074291c6f1a7511742bac06b54f00e17501ff93105f3ed0357c91c

  • SHA512

    118753ff1b0d0bba0a7bd4e5d06d24b76ef066eb57f2c797eae6d99c65475c785a214d109f8b1c4d5098113a1e30e613808743cfcbc5e61e5becef9dcf05e583

  • SSDEEP

    3072:hJ8IMILmCa3yx6oFEdgVXnFYf7C9Ugfxm3Nep9viMRZ8VYD:0kmCaiEoFEd+FYOtxmdeviMRmVm

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      55af279dba074291c6f1a7511742bac06b54f00e17501ff93105f3ed0357c91cN.exe

    • Size

      203KB

    • MD5

      d79b32b5013a5fe0291cc3d19b262ce0

    • SHA1

      ffce8a5d68adff68146c319eed8554732a7e3f3f

    • SHA256

      55af279dba074291c6f1a7511742bac06b54f00e17501ff93105f3ed0357c91c

    • SHA512

      118753ff1b0d0bba0a7bd4e5d06d24b76ef066eb57f2c797eae6d99c65475c785a214d109f8b1c4d5098113a1e30e613808743cfcbc5e61e5becef9dcf05e583

    • SSDEEP

      3072:hJ8IMILmCa3yx6oFEdgVXnFYf7C9Ugfxm3Nep9viMRZ8VYD:0kmCaiEoFEd+FYOtxmdeviMRmVm

    Score
    8/10
    discoveryupxpersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks