Overview

overview

10

Static

static

10

070794299a...38.dll

windows7-x64

8

070794299a...38.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    070794299a8d1890fa6f0ea6e0aa624b27fd1c9a4a22a19045fcc68e46b7b038

  • Size

    76KB

  • Sample

    250105-x41ewswjek

  • MD5

    34edb076be31e7663aff17a3c701be66

  • SHA1

    9fee003e20e2e6ab81aee1141523dedf0b82768a

  • SHA256

    070794299a8d1890fa6f0ea6e0aa624b27fd1c9a4a22a19045fcc68e46b7b038

  • SHA512

    f269499ebd6fc39618617e86be84413db10b9191d1a1ac19595e5b7dffcddc79a6b61ce7702b94c9175f816ea2a1727258df97b6216bb19a5df56f47638b4bc2

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Zxgf+ly3:c8y93KQjy7G55riF1cMo033gf+K

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      070794299a8d1890fa6f0ea6e0aa624b27fd1c9a4a22a19045fcc68e46b7b038

    • Size

      76KB

    • MD5

      34edb076be31e7663aff17a3c701be66

    • SHA1

      9fee003e20e2e6ab81aee1141523dedf0b82768a

    • SHA256

      070794299a8d1890fa6f0ea6e0aa624b27fd1c9a4a22a19045fcc68e46b7b038

    • SHA512

      f269499ebd6fc39618617e86be84413db10b9191d1a1ac19595e5b7dffcddc79a6b61ce7702b94c9175f816ea2a1727258df97b6216bb19a5df56f47638b4bc2

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Zxgf+ly3:c8y93KQjy7G55riF1cMo033gf+K

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks