Overview

overview

10

Static

static

10

5a49a64c04...18.dll

windows7-x64

8

5a49a64c04...18.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5a49a64c04c10ee4fc8fb77b1e08a81450dd082d9b06547010cfd9eb7ac2a018

  • Size

    76KB

  • Sample

    250125-291eastmex

  • MD5

    aada6feb9b978dcbee978b5a531f1b24

  • SHA1

    423a03fd850cd51b4930c7182c6c2d98fab95e79

  • SHA256

    5a49a64c04c10ee4fc8fb77b1e08a81450dd082d9b06547010cfd9eb7ac2a018

  • SHA512

    946a877993170f4b2ac8eb911371c223fff0f5cfd17bdc1b06a6f17b385956faed1c295a6b22743c9b1c908cfdc126835181911d31bb755bb3768c5b0f61c694

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZAHUNHe:c8y93KQjy7G55riF1cMo03CHq+

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      5a49a64c04c10ee4fc8fb77b1e08a81450dd082d9b06547010cfd9eb7ac2a018

    • Size

      76KB

    • MD5

      aada6feb9b978dcbee978b5a531f1b24

    • SHA1

      423a03fd850cd51b4930c7182c6c2d98fab95e79

    • SHA256

      5a49a64c04c10ee4fc8fb77b1e08a81450dd082d9b06547010cfd9eb7ac2a018

    • SHA512

      946a877993170f4b2ac8eb911371c223fff0f5cfd17bdc1b06a6f17b385956faed1c295a6b22743c9b1c908cfdc126835181911d31bb755bb3768c5b0f61c694

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZAHUNHe:c8y93KQjy7G55riF1cMo03CHq+

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks