Overview

overview

10

Static

static

10

wxipp.exe

windows7-x64

6

wxipp.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    wxipp.exe

  • Size

    182KB

  • Sample

    240627-xj4ltavfle

  • MD5

    7d8f1fc0c5e1d7ca23385a823024c959

  • SHA1

    fb50e723d2cfe73c7ec55ee24cd5d1dffa2a5245

  • SHA256

    b89a70f1b581bb4807cb6a7c40146f0b28e2f1469c83bd019c1a37819da85a79

  • SHA512

    5e060910f9df45be168b1c6a6423f029ed360667d270aab317efc00cd3ef60e9bfd09c572b15b1ebd3d40b1b01a36e3fdb925713c0a006e76e08360f0cbc2b29

  • SSDEEP

    3072:M9ocHuUrOkFV1qGjTHfVMMQfrwHn0/Mp+Z3zDBmLjqZ9NRbqzJxlNszz1:MKcHuydHNMbfrwH0/dZRmLjqZ9NRbqF0

Score
10/10
nanocoreevasiontrojan

Malware Config

Targets

    • Target

      wxipp.exe

    • Size

      182KB

    • MD5

      7d8f1fc0c5e1d7ca23385a823024c959

    • SHA1

      fb50e723d2cfe73c7ec55ee24cd5d1dffa2a5245

    • SHA256

      b89a70f1b581bb4807cb6a7c40146f0b28e2f1469c83bd019c1a37819da85a79

    • SHA512

      5e060910f9df45be168b1c6a6423f029ed360667d270aab317efc00cd3ef60e9bfd09c572b15b1ebd3d40b1b01a36e3fdb925713c0a006e76e08360f0cbc2b29

    • SSDEEP

      3072:M9ocHuUrOkFV1qGjTHfVMMQfrwHn0/Mp+Z3zDBmLjqZ9NRbqzJxlNszz1:MKcHuydHNMbfrwH0/dZRmLjqZ9NRbqF0

    Score
    6/10
    evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Scheduled Task

1
T1053.005

Persistence

Scheduled Task/Job

1
T1053

Scheduled Task

1
T1053.005

Privilege Escalation

Scheduled Task/Job

1
T1053

Scheduled Task

1
T1053.005

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks