6113d49324a8d71d1d4df1b6882232076e3651956a59a35a3c348c0d3acae277 | Triage

Submit
Reports

Overview

overview

Static

static

6113d49324...77.exe

windows7-x64

6113d49324...77.exe

windows10-2004-x64

8

Sharing

General

Target

6113d49324a8d71d1d4df1b6882232076e3651956a59a35a3c348c0d3acae277
Size

288KB
Sample

221004-fy7hksdfb8
MD5

5ae73a70f10a010d5469d46890b5c166
SHA1

fc8ca59aca7d4a68eecade2feae2167e67b532d7
SHA256

6113d49324a8d71d1d4df1b6882232076e3651956a59a35a3c348c0d3acae277
SHA512

748d0918a4c5cfee67ee2f3533799f41ba17aa85e4ee18b991664a1054a7d1eb678736dcaad5f26663a1d908f8d7cfe972698f5576ed381d308930c9f0e5b408
SSDEEP

3072:sxf02hqbJ1y4GNq5jz+/YiMaRzKMr36FfKl/9Ayye+v6dYoR0OqHOeXzz:eqHGoq/TMTMeW/9JD+wR0OqueDz

Score

10^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

6113d49324a8d71d1d4df1b6882232076e3651956a59a35a3c348c0d3acae277.exe

Resource

win7-20220812-en

persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

6113d49324a8d71d1d4df1b6882232076e3651956a59a35a3c348c0d3acae277.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  6113d49324a8d71d1d4df1b6882232076e3651956a59a35a3c348c0d3acae277
- Size
  
  288KB
- MD5
  
  5ae73a70f10a010d5469d46890b5c166
- SHA1
  
  fc8ca59aca7d4a68eecade2feae2167e67b532d7
- SHA256
  
  6113d49324a8d71d1d4df1b6882232076e3651956a59a35a3c348c0d3acae277
- SHA512
  
  748d0918a4c5cfee67ee2f3533799f41ba17aa85e4ee18b991664a1054a7d1eb678736dcaad5f26663a1d908f8d7cfe972698f5576ed381d308930c9f0e5b408
- SSDEEP
  
  3072:sxf02hqbJ1y4GNq5jz+/YiMaRzKMr36FfKl/9Ayye+v6dYoR0OqHOeXzz:eqHGoq/TMTMeW/9JD+wR0OqueDz
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy