Overview

overview

10

Static

static

10

84671b2d8b...9N.dll

windows7-x64

8

84671b2d8b...9N.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    84671b2d8b16d48a9e98daff0acee41a10c8b8d3f54e9ed58c9d21ffa57c0249N.exe

  • Size

    203KB

  • Sample

    250104-h44d8aynft

  • MD5

    4ec8da127f798edc03bdf74663e44cb0

  • SHA1

    5b61ad4d1ce0f94cfc5f0abdac445fec120782cd

  • SHA256

    84671b2d8b16d48a9e98daff0acee41a10c8b8d3f54e9ed58c9d21ffa57c0249

  • SHA512

    6b0a74552f0f6c91b814426fd12acebb0c29e2703b971d52a89d65d712ae97c61011601187adae00ed5d0dfd8fc831df8cb491a8f2a65e31e72cd0835c1b3144

  • SSDEEP

    3072:aJ8IMILmCa3yx6oFEdgVXnF6C9Ugfxm32n7SpiMt:5kmCaiEoFEd+F3txm2SpiMt

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      84671b2d8b16d48a9e98daff0acee41a10c8b8d3f54e9ed58c9d21ffa57c0249N.exe

    • Size

      203KB

    • MD5

      4ec8da127f798edc03bdf74663e44cb0

    • SHA1

      5b61ad4d1ce0f94cfc5f0abdac445fec120782cd

    • SHA256

      84671b2d8b16d48a9e98daff0acee41a10c8b8d3f54e9ed58c9d21ffa57c0249

    • SHA512

      6b0a74552f0f6c91b814426fd12acebb0c29e2703b971d52a89d65d712ae97c61011601187adae00ed5d0dfd8fc831df8cb491a8f2a65e31e72cd0835c1b3144

    • SSDEEP

      3072:aJ8IMILmCa3yx6oFEdgVXnF6C9Ugfxm32n7SpiMt:5kmCaiEoFEd+F3txm2SpiMt

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks