58dd22fb5aa1d04d6aeb9640c5b08e5aa0c483cb802b57bf43d7f3a45f4f08b2 | Triage

Submit
Reports

Overview

overview

Static

static

9

58dd22fb5a...b2.exe

windows7-x64

58dd22fb5a...b2.exe

windows10-2004-x64

8

Sharing

General

Target

58dd22fb5aa1d04d6aeb9640c5b08e5aa0c483cb802b57bf43d7f3a45f4f08b2
Size

60KB
Sample

221002-qqfd8sacdk
MD5

6cb9dbdb8daa4e7aabbb12753f185270
SHA1

85241c06143e9d1b1800b9292f604dbe35018d6e
SHA256

58dd22fb5aa1d04d6aeb9640c5b08e5aa0c483cb802b57bf43d7f3a45f4f08b2
SHA512

a8f170b188874780aae114975f3dbdbd9ab9f8ddd71718546e0973124affbdba074fe6b7c456f55255a147a766c211a09156d27b2619d229aeb144e71dcafb9c
SSDEEP

768:0yki1Fqicx9IrQFmUuTK1n39AQdoxZ8IL7kA1yUchp/vs/zDvo2rPsoCK+UJv:9kSncCU/1KqokIfFchp/vezVTsV

Score

10^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

58dd22fb5aa1d04d6aeb9640c5b08e5aa0c483cb802b57bf43d7f3a45f4f08b2.exe

Resource

win7-20220901-en

persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

58dd22fb5aa1d04d6aeb9640c5b08e5aa0c483cb802b57bf43d7f3a45f4f08b2.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  58dd22fb5aa1d04d6aeb9640c5b08e5aa0c483cb802b57bf43d7f3a45f4f08b2
- Size
  
  60KB
- MD5
  
  6cb9dbdb8daa4e7aabbb12753f185270
- SHA1
  
  85241c06143e9d1b1800b9292f604dbe35018d6e
- SHA256
  
  58dd22fb5aa1d04d6aeb9640c5b08e5aa0c483cb802b57bf43d7f3a45f4f08b2
- SHA512
  
  a8f170b188874780aae114975f3dbdbd9ab9f8ddd71718546e0973124affbdba074fe6b7c456f55255a147a766c211a09156d27b2619d229aeb144e71dcafb9c
- SSDEEP
  
  768:0yki1Fqicx9IrQFmUuTK1n39AQdoxZ8IL7kA1yUchp/vs/zDvo2rPsoCK+UJv:9kSncCU/1KqokIfFchp/vezVTsV
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy