Overview

overview

10

Static

static

10

documento.exe

windows7-x64

7

documento.exe

windows10-2004-x64

8

�@�H�V.pyc

windows7-x64

�@�H�V.pyc

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    documento.t𝗑t

  • Size

    6.7MB

  • Sample

    250201-1rpdmssjdw

  • MD5

    a7d9e8672aa8c0a692c072efa65260ca

  • SHA1

    0b760605ca99cfc0703be14092f75b7575ea6952

  • SHA256

    05d21266518f990a7b77c21619c49e3fa441632aaff1bc665897c5b31c20763a

  • SHA512

    3d547d21be719a1b77cfc3900121d78638a0d1becf7fcf9ed847224275ea6bcee5879d4b7bd6435b21e6c9ac2a277dfa38c2009620c058428b0bea09ac7aaf2e

  • SSDEEP

    196608:8YFWeN/FJMIDJf0gsAGK5SEQROkaEWWlGE:3/Fqyf0gsfNOkhfb

Score
10/10
blankgrabberdefense_evasiondiscoveryexecutionupx

Malware Config

Targets

    • Target

      documento.t𝗑t

    • Size

      6.7MB

    • MD5

      a7d9e8672aa8c0a692c072efa65260ca

    • SHA1

      0b760605ca99cfc0703be14092f75b7575ea6952

    • SHA256

      05d21266518f990a7b77c21619c49e3fa441632aaff1bc665897c5b31c20763a

    • SHA512

      3d547d21be719a1b77cfc3900121d78638a0d1becf7fcf9ed847224275ea6bcee5879d4b7bd6435b21e6c9ac2a277dfa38c2009620c058428b0bea09ac7aaf2e

    • SSDEEP

      196608:8YFWeN/FJMIDJf0gsAGK5SEQROkaEWWlGE:3/Fqyf0gsfNOkhfb

    Score
    8/10
    upxdefense_evasiondiscoveryexecution

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

      execution

    • Loads dropped DLL

    • Enumerates processes with tasklist

      discovery

    • Hide Artifacts: Hidden Files and Directories

      defense_evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      �@�H�V.pyc

    • Size

      857B

    • MD5

      6009052db5c671ec5157abfebe522648

    • SHA1

      3973f68558f6e5278f15c8094aa525ce03af858a

    • SHA256

      2842d91d1ffb76533f14ffde5264113568751051d28a8e1df8b6688d7f0faa4b

    • SHA512

      4b2bb6d1125acf2dc270150a7aaa1ac2aa42380c6fd08d35467cd55e027005981a1799eb074ebd79464f022de6381187d905aeded0b95d00db3e638bdc19d246

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks