Overview

overview

8

Static

static

2021S1A2.exe

windows7_x64

8

2021S1A2.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2021S1A2.exe

  • Size

    11KB

  • Sample

    211204-tam1xsbcdn

  • MD5

    c387baa29a581f7532984dcc1bc83f08

  • SHA1

    326b8acbd1efa2db9578752642ab7a78476347b8

  • SHA256

    9a304b34f6805a40cec1aaf91ab8ceda8579523511c4a5fa444daa2ad8ac1fb7

  • SHA512

    c159b5d9c062e255c390317149c5cf8d5c7cd4a71bcbbcbd1baa33c9a463649afedd5558677f86295d738eba0ef5714878be709a529fc3c34590a53d76e9ca91

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      2021S1A2.exe

    • Size

      11KB

    • MD5

      c387baa29a581f7532984dcc1bc83f08

    • SHA1

      326b8acbd1efa2db9578752642ab7a78476347b8

    • SHA256

      9a304b34f6805a40cec1aaf91ab8ceda8579523511c4a5fa444daa2ad8ac1fb7

    • SHA512

      c159b5d9c062e255c390317149c5cf8d5c7cd4a71bcbbcbd1baa33c9a463649afedd5558677f86295d738eba0ef5714878be709a529fc3c34590a53d76e9ca91

    Score
    8/10
    persistenceupx

    • Downloads MZ/PE file

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks