Overview

overview

10

Static

static

10

29712e6d28...0a.dll

windows7-x64

5

29712e6d28...0a.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    29712e6d28b64e9f23311f3cb992632d646cbb9d4361bf19707c4acddcad760a.exe

  • Size

    203KB

  • Sample

    250109-dlyc2ayjen

  • MD5

    8225fb8c173b4448f373b6d5726e061b

  • SHA1

    2fb7ed6c452ae9285a86ac8120fc09fd7fbca279

  • SHA256

    29712e6d28b64e9f23311f3cb992632d646cbb9d4361bf19707c4acddcad760a

  • SHA512

    12dba733b71b1fd3745043176edaf8a5e6698f86b7823babc4298864833f3d4c3b1a4aa993e9931d11c7bb534f55a98a453bf2d575c56a6b7d05b780c18b031c

  • SSDEEP

    3072:aJ8IMILmCa3yx6oFEdgVXnF6C9Ugfxm32n7SpiMz:5kmCaiEoFEd+F3txm2SpiMz

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      29712e6d28b64e9f23311f3cb992632d646cbb9d4361bf19707c4acddcad760a.exe

    • Size

      203KB

    • MD5

      8225fb8c173b4448f373b6d5726e061b

    • SHA1

      2fb7ed6c452ae9285a86ac8120fc09fd7fbca279

    • SHA256

      29712e6d28b64e9f23311f3cb992632d646cbb9d4361bf19707c4acddcad760a

    • SHA512

      12dba733b71b1fd3745043176edaf8a5e6698f86b7823babc4298864833f3d4c3b1a4aa993e9931d11c7bb534f55a98a453bf2d575c56a6b7d05b780c18b031c

    • SSDEEP

      3072:aJ8IMILmCa3yx6oFEdgVXnF6C9Ugfxm32n7SpiMz:5kmCaiEoFEd+F3txm2SpiMz

    Score
    8/10
    discoveryupxpersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks