Overview

overview

10

Static

static

10

50eaf4dd03...fN.dll

windows7-x64

5

50eaf4dd03...fN.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    50eaf4dd033a264d4ea1fcb778b0a68b71210bba1450b07a93484c8287b3c2afN.exe

  • Size

    76KB

  • Sample

    250107-asbwtsvrax

  • MD5

    dd1a5346cf2b08c18622b97df43f3170

  • SHA1

    720a740659b04d98897acb26068b8311feae7160

  • SHA256

    50eaf4dd033a264d4ea1fcb778b0a68b71210bba1450b07a93484c8287b3c2af

  • SHA512

    6e456437196664a836d39c8cc1c176f23a604bd3c23407c1e3af656f6c5312c5c5a9ed71965c3ff610f33cb2e50148544472702f765b2c264f10ae3a8d61457c

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Z417fe1d:c8y93KQjy7G55riF1cMo03sfer

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      50eaf4dd033a264d4ea1fcb778b0a68b71210bba1450b07a93484c8287b3c2afN.exe

    • Size

      76KB

    • MD5

      dd1a5346cf2b08c18622b97df43f3170

    • SHA1

      720a740659b04d98897acb26068b8311feae7160

    • SHA256

      50eaf4dd033a264d4ea1fcb778b0a68b71210bba1450b07a93484c8287b3c2af

    • SHA512

      6e456437196664a836d39c8cc1c176f23a604bd3c23407c1e3af656f6c5312c5c5a9ed71965c3ff610f33cb2e50148544472702f765b2c264f10ae3a8d61457c

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Z417fe1d:c8y93KQjy7G55riF1cMo03sfer

    Score
    8/10
    discoveryupxpersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks