c0d5dfe74e781d36d80d9292cb065c0a42beb3b4fb683dc1edefb34691b1ea30 | Triage

Submit
Reports

Overview

overview

Static

static

c0d5dfe74e...30.exe

windows7-x64

c0d5dfe74e...30.exe

windows10-2004-x64

Sharing

General

Target

c0d5dfe74e781d36d80d9292cb065c0a42beb3b4fb683dc1edefb34691b1ea30
Size

132KB
Sample

221003-gdbe3saaa9
MD5

6aea36d71ad1b2233ee7bcbc56da372c
SHA1

fea9859246847b749b7c1a94288c8e0555a5c07c
SHA256

c0d5dfe74e781d36d80d9292cb065c0a42beb3b4fb683dc1edefb34691b1ea30
SHA512

bf9bcea0a3ff69de1c6e63a4ba0f14e934fd9b71e1aeedec60f6c29d0dbe5c9ceb324cc0a4218bde97142120808493e2830fd0deed8e4bfd8d01bf188c45d317
SSDEEP

3072:dymaiGujNQyxJJfShIf0KKUOf8IKaLliSiEVsHA:Qm/j7B+cHOyaL1iA

Score

10^/10

evasion persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

c0d5dfe74e781d36d80d9292cb065c0a42beb3b4fb683dc1edefb34691b1ea30.exe

Resource

win7-20220901-en

evasion persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

c0d5dfe74e781d36d80d9292cb065c0a42beb3b4fb683dc1edefb34691b1ea30.exe

Resource

win10v2004-20220812-en

evasion persistence upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  c0d5dfe74e781d36d80d9292cb065c0a42beb3b4fb683dc1edefb34691b1ea30
- Size
  
  132KB
- MD5
  
  6aea36d71ad1b2233ee7bcbc56da372c
- SHA1
  
  fea9859246847b749b7c1a94288c8e0555a5c07c
- SHA256
  
  c0d5dfe74e781d36d80d9292cb065c0a42beb3b4fb683dc1edefb34691b1ea30
- SHA512
  
  bf9bcea0a3ff69de1c6e63a4ba0f14e934fd9b71e1aeedec60f6c29d0dbe5c9ceb324cc0a4218bde97142120808493e2830fd0deed8e4bfd8d01bf188c45d317
- SSDEEP
  
  3072:dymaiGujNQyxJJfShIf0KKUOf8IKaLliSiEVsHA:Qm/j7B+cHOyaL1iA
Score

10^/10

evasion persistence upx
- Modifies firewall policy service
  evasion
- Adds policy Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

evasionpersistenceupx

© 2018-2025

Terms | Privacy