3db697da54f91940563f1f633f2d45cc27907fe6e67ebb34eb7e1910d60b1bac | Triage

Submit
Reports

Overview

overview

Static

static

MEGAsyncSetup64.exe

windows7_x64

MEGAsyncSetup64.exe

windows10_x64

Sharing

General

Target

MEGAsyncSetup64.exe
Size

49.1MB
Sample

211208-wsczsaaadp
MD5

55b0426aa5ed74adbbe61fec2343b9c8
SHA1

ba5766eabc434ed78f0467f8f1315a30397af455
SHA256

3db697da54f91940563f1f633f2d45cc27907fe6e67ebb34eb7e1910d60b1bac
SHA512

abba19dfec8ab103a8f8a799b9993a75918052fd8b1a1de6527897be15f3402d4a709a7b59da4ad632674a5990c7e44b5461e1c790e43243fb2d2ad2f7ee6108

Score

10^/10

discovery persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

MEGAsyncSetup64.exe

Resource

win7-en-20211208

discovery persistence upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

MEGAsyncSetup64.exe

Resource

win10-en-20211208

discovery persistence upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  MEGAsyncSetup64.exe
- Size
  
  49.1MB
- MD5
  
  55b0426aa5ed74adbbe61fec2343b9c8
- SHA1
  
  ba5766eabc434ed78f0467f8f1315a30397af455
- SHA256
  
  3db697da54f91940563f1f633f2d45cc27907fe6e67ebb34eb7e1910d60b1bac
- SHA512
  
  abba19dfec8ab103a8f8a799b9993a75918052fd8b1a1de6527897be15f3402d4a709a7b59da4ad632674a5990c7e44b5461e1c790e43243fb2d2ad2f7ee6108
Score

10^/10

discovery persistence upx
- Registers COM server for autorun
  persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2024

Terms | Privacy