ff769e5742cd29ad43c72253f2ccac27832710be32f44cb0a7d91a626ac72645 | Triage

Sharing

General

Target

ff769e5742cd29ad43c72253f2ccac27832710be32f44cb0a7d91a626ac72645
Size

797KB
Sample

201108-6xnjm1kt5e
MD5

d359ddfb5765789a694878a3c2138c78
SHA1

5d50b7ad689cb9efd42b1719fdcf937c1f80e2e9
SHA256

ff769e5742cd29ad43c72253f2ccac27832710be32f44cb0a7d91a626ac72645
SHA512

aa7762b2deef07a5dce55743242cfb7726ebbf5a2796e89bb50fcc0d7e1ae4b8c7c0f8651f42675bcdae2669228a500bdf2e5f09ef00e4250843e671f20443c5

Score

10^/10

evasion trojan upx

Malware Config

Targets

- Target
  
  ff769e5742cd29ad43c72253f2ccac27832710be32f44cb0a7d91a626ac72645
- Size
  
  797KB
- MD5
  
  d359ddfb5765789a694878a3c2138c78
- SHA1
  
  5d50b7ad689cb9efd42b1719fdcf937c1f80e2e9
- SHA256
  
  ff769e5742cd29ad43c72253f2ccac27832710be32f44cb0a7d91a626ac72645
- SHA512
  
  aa7762b2deef07a5dce55743242cfb7726ebbf5a2796e89bb50fcc0d7e1ae4b8c7c0f8651f42675bcdae2669228a500bdf2e5f09ef00e4250843e671f20443c5
Score

10^/10

evasion trojan upx
- Modifies firewall policy service
  evasion
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojanupx

behavioral2

evasiontrojanupx