Overview

overview

10

Static

static

10

b30a0d4cee...cN.dll

windows7-x64

5

b30a0d4cee...cN.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b30a0d4cee6f2fc2c4e22f95de1a7d0229bbb07d111221d0d05d2eaf2836502cN.exe

  • Size

    76KB

  • Sample

    250126-2jc63sykhl

  • MD5

    b4aadeae396c0491eee94e5cea7392e0

  • SHA1

    2220b677c13ffa8d3b6210ab4600ce169fca5a48

  • SHA256

    b30a0d4cee6f2fc2c4e22f95de1a7d0229bbb07d111221d0d05d2eaf2836502c

  • SHA512

    9f54fbffdae60e1289b6987718158f017195d0087b328279e84c898ce6f91ce832a43ac56b03830bc80277be6263f6a010cc104f6caabe41ecb5698a43048630

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZSLKkBXO:c8y93KQjy7G55riF1cMo03KlO

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      b30a0d4cee6f2fc2c4e22f95de1a7d0229bbb07d111221d0d05d2eaf2836502cN.exe

    • Size

      76KB

    • MD5

      b4aadeae396c0491eee94e5cea7392e0

    • SHA1

      2220b677c13ffa8d3b6210ab4600ce169fca5a48

    • SHA256

      b30a0d4cee6f2fc2c4e22f95de1a7d0229bbb07d111221d0d05d2eaf2836502c

    • SHA512

      9f54fbffdae60e1289b6987718158f017195d0087b328279e84c898ce6f91ce832a43ac56b03830bc80277be6263f6a010cc104f6caabe41ecb5698a43048630

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZSLKkBXO:c8y93KQjy7G55riF1cMo03KlO

    Score
    8/10
    discoveryupxpersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks