General

  • Target

    bb129396c2a7788e8bd972c97ed5fed4.zip

  • Size

    1.2MB

  • Sample

    211207-a1hpcaadf9

  • MD5

    c61026861a19fabdf9206472e5bb27ca

  • SHA1

    718fd05c6ba252afbeb2f6dec8c587b525f528c0

  • SHA256

    f79ba418ed19c755cc25a76f160c4671996e8c5592f8ae12885d680b0104d072

  • SHA512

    50b39aeb36bdf8b550f7387c682daa19f3abfa46cef5455bb705c0b13ee1dfcc0b4fd3e511b6569846561ab8c8e68b0e1e0128c920ad57f1985989c73ed50ee4

Score
8/10
upx

Malware Config

Targets

    • Target

      PNERecovery_Setup_ENG_New.exe

    • Size

      436KB

    • MD5

      06cd50ccd16ca78da7b26cea4a3a54b7

    • SHA1

      257bac4946089600be9495268b2336066a21cc70

    • SHA256

      1f6d96065fbacd20a83e706b4914726b2e742a912275ac1262a99eb7330486dc

    • SHA512

      5bec847435f53085bc915071a61b2046b3b232e42ff4b928a7dcec47dc4cd69e6e5bfbc3cc83e266bb30959473122092ec9eff488551081f5eb1b57cd1bc4153

    Score
    8/10
    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      5. PNERecovery/PNERecovery_Setup_ENG_New.exe

    • Size

      436KB

    • MD5

      06cd50ccd16ca78da7b26cea4a3a54b7

    • SHA1

      257bac4946089600be9495268b2336066a21cc70

    • SHA256

      1f6d96065fbacd20a83e706b4914726b2e742a912275ac1262a99eb7330486dc

    • SHA512

      5bec847435f53085bc915071a61b2046b3b232e42ff4b928a7dcec47dc4cd69e6e5bfbc3cc83e266bb30959473122092ec9eff488551081f5eb1b57cd1bc4153

    Score
    1/10
    • Target

      ???/4102/NEW/AutoUpdate.exe

    • Size

      75KB

    • MD5

      8b5ad7167f5eeac93c141d2253c9e66a

    • SHA1

      b29c59dd5bc235e1390d62b81071c20eb6525193

    • SHA256

      0c55bc110c4ad13fdb62fe5d2b2380c85ed018d12cc7efd18b1d1021996a03ba

    • SHA512

      375be647ef46b01051e936ac0251d177e4a1140050e7246cb07d4e6a104dbc52f1cdd503fe17c4c6a032273ee421f5fedc7de8d57305c49d23ad355f9bd2b2de

    Score
    1/10
    • Target

      ???/4102/OLD/AutoUpdate.exe

    • Size

      88KB

    • MD5

      53d8819fe8c1929bce6d9d06a7bff6ab

    • SHA1

      389a067d60deb808f1f7e7d0d6bfdc3ddeb45992

    • SHA256

      65e89ef34ef685ca8e8d3cfe13ae4c9f245a606878e189c45b759ac1ba5a0d56

    • SHA512

      d7fa7dcbd010470fae73a0ef368dece7f3ba30519d06c2a61fdd7bc961d50ae0db030f22a2e93c0a3349262418cb96e47192ecd471ee508ac3b4f9f1b4364acc

    Score
    8/10
    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery (2)
T1082

Tasks