Overview

overview

10

Static

static

10

8e638c674d...8f.dll

windows7-x64

8

8e638c674d...8f.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e638c674dc6a733a515462af7c28d138cbef2d609bf75b90e8a01738af62f8f

  • Size

    76KB

  • Sample

    250106-ezwxssykeq

  • MD5

    af6971dd6be163b2dd374e265f2801ae

  • SHA1

    721792c33e04d5f79b13a6fd9e5755c1b988d4bb

  • SHA256

    8e638c674dc6a733a515462af7c28d138cbef2d609bf75b90e8a01738af62f8f

  • SHA512

    ee24a59449364c30d6a1657257d960618b1d9bfe940744a847c9dfab44b84d9fc99f986dfa1b28f7c5198ba99d753a828c8ff2a383623a590813caec23ca9b80

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZLbSKbi:c8y93KQjy7G55riF1cMo03dby

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      8e638c674dc6a733a515462af7c28d138cbef2d609bf75b90e8a01738af62f8f

    • Size

      76KB

    • MD5

      af6971dd6be163b2dd374e265f2801ae

    • SHA1

      721792c33e04d5f79b13a6fd9e5755c1b988d4bb

    • SHA256

      8e638c674dc6a733a515462af7c28d138cbef2d609bf75b90e8a01738af62f8f

    • SHA512

      ee24a59449364c30d6a1657257d960618b1d9bfe940744a847c9dfab44b84d9fc99f986dfa1b28f7c5198ba99d753a828c8ff2a383623a590813caec23ca9b80

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZLbSKbi:c8y93KQjy7G55riF1cMo03dby

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks