Overview

overview

8

Static

static

8

11c5227567...c4.exe

windows7-x64

8

11c5227567...c4.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11c52275674fc0e46d9b0bc457325c3078c1456eb8d318c2f3a8749622c34cc4

  • Size

    988KB

  • Sample

    221002-y1ppnahbc5

  • MD5

    01929dc6a6c275ad014cc8b40f4c7878

  • SHA1

    d6f1f9a3ece3fa0d00b4d763a58c77de7e9fdb3c

  • SHA256

    11c52275674fc0e46d9b0bc457325c3078c1456eb8d318c2f3a8749622c34cc4

  • SHA512

    558c1833fbac3e4176275707eaba13e2e2a4022ee8f00817b502d0f3d7bd475bf3573b60672173361b9140b8959dc0531691e4525347998790ac5580fde8f03e

  • SSDEEP

    12288:ayELQDEI04EAihYHfXNc3pW0MIVABevVn9b2tvrra:7ELQpY0c3pW0P6Be9nMt

Score
8/10
microsoftpersistencephishingupx

Malware Config

Targets

    • Target

      11c52275674fc0e46d9b0bc457325c3078c1456eb8d318c2f3a8749622c34cc4

    • Size

      988KB

    • MD5

      01929dc6a6c275ad014cc8b40f4c7878

    • SHA1

      d6f1f9a3ece3fa0d00b4d763a58c77de7e9fdb3c

    • SHA256

      11c52275674fc0e46d9b0bc457325c3078c1456eb8d318c2f3a8749622c34cc4

    • SHA512

      558c1833fbac3e4176275707eaba13e2e2a4022ee8f00817b502d0f3d7bd475bf3573b60672173361b9140b8959dc0531691e4525347998790ac5580fde8f03e

    • SSDEEP

      12288:ayELQDEI04EAihYHfXNc3pW0MIVABevVn9b2tvrra:7ELQpY0c3pW0P6Be9nMt

    Score
    8/10
    upxmicrosoftpersistencephishing

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral1behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Modify Registry

1
T1112

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Tasks