3adecafc9337bb0ed9a36bcf0e8e5c5c42bf79705075a14cc4d53b3224e05cf8 | Triage

Submit
Reports

Overview

overview

8

Static

static

IMAGE-20112020.exe

windows7_x64

8

IMAGE-20112020.exe

windows10_x64

8

Sharing

General

Target

IMAGE-20112020.exe
Size

3.1MB
Sample

201120-5qa5npr1jn
MD5

93cd2f4cf41dce70819f499f9eddeea7
SHA1

c10ecda4fec625114bcd2de212e931426f1b5869
SHA256

3adecafc9337bb0ed9a36bcf0e8e5c5c42bf79705075a14cc4d53b3224e05cf8
SHA512

5c03e380d7609c32d5369a51efe329ec925445fd4c216dd6405dccd74f896d04463eee280d2f9dc59ab94cd8629be15fe4ae93cd2fe07e998bd1de41ec793d55

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

IMAGE-20112020.exe

Resource

win7v20201028

persistence upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

IMAGE-20112020.exe

Resource

win10v20201028

persistence upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  IMAGE-20112020.exe
- Size
  
  3.1MB
- MD5
  
  93cd2f4cf41dce70819f499f9eddeea7
- SHA1
  
  c10ecda4fec625114bcd2de212e931426f1b5869
- SHA256
  
  3adecafc9337bb0ed9a36bcf0e8e5c5c42bf79705075a14cc4d53b3224e05cf8
- SHA512
  
  5c03e380d7609c32d5369a51efe329ec925445fd4c216dd6405dccd74f896d04463eee280d2f9dc59ab94cd8629be15fe4ae93cd2fe07e998bd1de41ec793d55
Score

8^/10

persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy