Overview

overview

10

Static

static

10

6c24a27d17...5d.exe

windows7-x64

7

6c24a27d17...5d.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6c24a27d176453a5590148a1cb30f9dfee090d5fe926ce72ecb76d452336a35d.exe

  • Size

    2.7MB

  • Sample

    250116-e9qhrstlfp

  • MD5

    0a433927ab55c45c8652056099da3a48

  • SHA1

    39b831bab30f39fe5d80caba62127ad1da39b139

  • SHA256

    6c24a27d176453a5590148a1cb30f9dfee090d5fe926ce72ecb76d452336a35d

  • SHA512

    9da1df06cdc5a200748713b04cf4e73038bb230398bc5f63cd509fa3997ff90718f851cd2c3f886e5795e2130867ac36fd8b391d4b1322dddb9614dd3d7022f1

  • SSDEEP

    24576:ssF6mZZcVKfIxTiEVc847flVC6faaQDbGV6eH81k6IbGD2JTu0GoZQDbGV6eH81y:fF6mw4gxeOw46fUbNecCCFbNecU

Score
10/10
warzoneratdiscoverypersistenceratupx

Malware Config

Targets

    • Target

      6c24a27d176453a5590148a1cb30f9dfee090d5fe926ce72ecb76d452336a35d.exe

    • Size

      2.7MB

    • MD5

      0a433927ab55c45c8652056099da3a48

    • SHA1

      39b831bab30f39fe5d80caba62127ad1da39b139

    • SHA256

      6c24a27d176453a5590148a1cb30f9dfee090d5fe926ce72ecb76d452336a35d

    • SHA512

      9da1df06cdc5a200748713b04cf4e73038bb230398bc5f63cd509fa3997ff90718f851cd2c3f886e5795e2130867ac36fd8b391d4b1322dddb9614dd3d7022f1

    • SSDEEP

      24576:ssF6mZZcVKfIxTiEVc847flVC6faaQDbGV6eH81k6IbGD2JTu0GoZQDbGV6eH81y:fF6mw4gxeOw46fUbNecCCFbNecU

    Score
    7/10
    discoverypersistenceupx

    • Drops startup file

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks