Overview

overview

10

Static

static

10

1c166f56b3...aN.dll

windows7-x64

8

1c166f56b3...aN.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1c166f56b3a8c211f47ae91682b80c16e56f03a5ced6f78ba7e33e8df65320aaN.exe

  • Size

    76KB

  • Sample

    250104-ypwzlavlaw

  • MD5

    a43f5ac098a8837a612019bd32af2600

  • SHA1

    71d502676b0485fad00d0f426b66bd0cb9bc1b02

  • SHA256

    1c166f56b3a8c211f47ae91682b80c16e56f03a5ced6f78ba7e33e8df65320aa

  • SHA512

    4f929d198af744e84c4c43b96836d5861558a9706c6fd582917c94c39b5d3e88753a29604c107f2cc561746ac7b2673f4a3831fbcc5c5c2ffa2235b9ebf8d0bc

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZYrlsd:c8y93KQjy7G55riF1cMo038Od

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      1c166f56b3a8c211f47ae91682b80c16e56f03a5ced6f78ba7e33e8df65320aaN.exe

    • Size

      76KB

    • MD5

      a43f5ac098a8837a612019bd32af2600

    • SHA1

      71d502676b0485fad00d0f426b66bd0cb9bc1b02

    • SHA256

      1c166f56b3a8c211f47ae91682b80c16e56f03a5ced6f78ba7e33e8df65320aa

    • SHA512

      4f929d198af744e84c4c43b96836d5861558a9706c6fd582917c94c39b5d3e88753a29604c107f2cc561746ac7b2673f4a3831fbcc5c5c2ffa2235b9ebf8d0bc

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZYrlsd:c8y93KQjy7G55riF1cMo038Od

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks