Overview

overview

10

Static

static

10

6191a38a53...cN.dll

windows7-x64

5

6191a38a53...cN.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6191a38a5311c6a06d4c3c4133825067c3ba43279bb11e6a4af28f9f06f0f05cN.exe

  • Size

    76KB

  • Sample

    250125-hz14as1qdz

  • MD5

    9eeef964fe1b3ebd07af1929bf6846f0

  • SHA1

    8527d1a317fcc265953b80dd35b2d541d18aa11b

  • SHA256

    6191a38a5311c6a06d4c3c4133825067c3ba43279bb11e6a4af28f9f06f0f05c

  • SHA512

    f89a6919ea9b4f2352f90c7cac85524f647f4c0ecd690d4b85d5d5e45cd2c30eed5a9f51511887c6e716903e21b20affcf1b46897a6566d4a25e01c7646d47d1

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZqWrKTo2j:c8y93KQjy7G55riF1cMo03s5z

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      6191a38a5311c6a06d4c3c4133825067c3ba43279bb11e6a4af28f9f06f0f05cN.exe

    • Size

      76KB

    • MD5

      9eeef964fe1b3ebd07af1929bf6846f0

    • SHA1

      8527d1a317fcc265953b80dd35b2d541d18aa11b

    • SHA256

      6191a38a5311c6a06d4c3c4133825067c3ba43279bb11e6a4af28f9f06f0f05c

    • SHA512

      f89a6919ea9b4f2352f90c7cac85524f647f4c0ecd690d4b85d5d5e45cd2c30eed5a9f51511887c6e716903e21b20affcf1b46897a6566d4a25e01c7646d47d1

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZqWrKTo2j:c8y93KQjy7G55riF1cMo03s5z

    Score
    8/10
    discoveryupxpersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks