Overview

overview

10

Static

static

10

c9e72c6771...cb.dll

windows7-x64

5

c9e72c6771...cb.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c9e72c6771d2521b99a77bc7b216ebdbc8ba3b1bcc69abafb428a01ee6d7d3cb

  • Size

    76KB

  • Sample

    250121-na737szrdy

  • MD5

    62b797788be8837b7ade605fcd435a42

  • SHA1

    37b1d79576561a4eb278e698312c622681694333

  • SHA256

    c9e72c6771d2521b99a77bc7b216ebdbc8ba3b1bcc69abafb428a01ee6d7d3cb

  • SHA512

    60b647bae4c97e2bb917ae2bec9fc579bc5e4e0c947497b71c03edf2b12cbbbe2234020362bbe43e7dba6c80b553c8430bae0ef4ee420c0d4582c88096d53e18

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Zsiqu:c8y93KQjy7G55riF1cMo03qZu

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      c9e72c6771d2521b99a77bc7b216ebdbc8ba3b1bcc69abafb428a01ee6d7d3cb

    • Size

      76KB

    • MD5

      62b797788be8837b7ade605fcd435a42

    • SHA1

      37b1d79576561a4eb278e698312c622681694333

    • SHA256

      c9e72c6771d2521b99a77bc7b216ebdbc8ba3b1bcc69abafb428a01ee6d7d3cb

    • SHA512

      60b647bae4c97e2bb917ae2bec9fc579bc5e4e0c947497b71c03edf2b12cbbbe2234020362bbe43e7dba6c80b553c8430bae0ef4ee420c0d4582c88096d53e18

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Zsiqu:c8y93KQjy7G55riF1cMo03qZu

    Score
    8/10
    discoveryupxpersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks