Overview

overview

10

Static

static

10

1b104f6317...38.dll

windows7-x64

8

1b104f6317...38.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1b104f6317abdb413fbb3452e006ca7141033e67a66064957bd23b62e566da38

  • Size

    76KB

  • Sample

    250203-y98h5atqfj

  • MD5

    d73aeaf2550d1df47f034f03f137d7a0

  • SHA1

    7694ee7369dd4c7140c7dc0ba3d5b580a29f10df

  • SHA256

    1b104f6317abdb413fbb3452e006ca7141033e67a66064957bd23b62e566da38

  • SHA512

    a5872c234ba268414b7d7cc321b154cfb06dc2102a0d1e173207233105d7e78cf9a373d48c638266027c0d6f4d8d28b932f909df17f18fecf432123de8115d2c

  • SSDEEP

    1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZTKMvw5Bf:c8y93KQjy7G55riF1cMo03Lvu

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      1b104f6317abdb413fbb3452e006ca7141033e67a66064957bd23b62e566da38

    • Size

      76KB

    • MD5

      d73aeaf2550d1df47f034f03f137d7a0

    • SHA1

      7694ee7369dd4c7140c7dc0ba3d5b580a29f10df

    • SHA256

      1b104f6317abdb413fbb3452e006ca7141033e67a66064957bd23b62e566da38

    • SHA512

      a5872c234ba268414b7d7cc321b154cfb06dc2102a0d1e173207233105d7e78cf9a373d48c638266027c0d6f4d8d28b932f909df17f18fecf432123de8115d2c

    • SSDEEP

      1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZTKMvw5Bf:c8y93KQjy7G55riF1cMo03Lvu

    Score
    8/10
    discoverypersistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks