ffe9888ec912499bfeac9da9d744dacdb09f1273b2f3c67b82b52b2015600125 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffe9888ec912499bfeac9da9d744dacdb09f1273b2f3c67b82b52b2015600125
Size

33KB
Sample

221002-ns76xsdeb6
MD5

67778d13af92bbb89b67c16aa89728a0
SHA1

1df01bdaf7f4f2ec28d499ec38407d5f2b9107eb
SHA256

ffe9888ec912499bfeac9da9d744dacdb09f1273b2f3c67b82b52b2015600125
SHA512

5f804ece404105967230886b005f84c8e5351222f225c01043140868c20c9309851b893db46972e886e5b60de3614f2c97ec026efc0a5d1e13353f7ff4c31f77
SSDEEP

768:xxuFP38MZMMc5R1fMrWu4pBKgH0yZrcO1QF2CTn596D5OuPZJ:xmfv+64pBKFy1uIfD5OuhJ

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  ffe9888ec912499bfeac9da9d744dacdb09f1273b2f3c67b82b52b2015600125
- Size
  
  33KB
- MD5
  
  67778d13af92bbb89b67c16aa89728a0
- SHA1
  
  1df01bdaf7f4f2ec28d499ec38407d5f2b9107eb
- SHA256
  
  ffe9888ec912499bfeac9da9d744dacdb09f1273b2f3c67b82b52b2015600125
- SHA512
  
  5f804ece404105967230886b005f84c8e5351222f225c01043140868c20c9309851b893db46972e886e5b60de3614f2c97ec026efc0a5d1e13353f7ff4c31f77
- SSDEEP
  
  768:xxuFP38MZMMc5R1fMrWu4pBKgH0yZrcO1QF2CTn596D5OuPZJ:xmfv+64pBKFy1uIfD5OuhJ
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2