f38e002de598e2c9edc69ed6333479ca2479a721ac7459219cfb43c124572063

General

Target

f38e002de598e2c9edc69ed6333479ca2479a721ac7459219cfb43c124572063
Size

1004KB
Sample

221020-xx377sbae6
MD5

9064bfc5f171c596a43ab747130a73f0
SHA1

6239b5fe881657ae9a084fb2644bf5ee1aed5390
SHA256

f38e002de598e2c9edc69ed6333479ca2479a721ac7459219cfb43c124572063
SHA512

fd580a40df68c7c308b3da3345ef6832a7d66e10cc2396e5489e76ab2b0ee1aed55c42f6ffa9801d08016b5b248af18a81ae12820a0b41276a503b5a4a38c33a
SSDEEP

12288:XNGtL/dB9R+PuPbp+UFGyzL2CE2rspPjzhGuk6:XNAL/jj0UF1nyfpPjzhY6

Score

8^/10

Malware Config

Targets

- Target
  
  f38e002de598e2c9edc69ed6333479ca2479a721ac7459219cfb43c124572063
- Size
  
  1004KB
- MD5
  
  9064bfc5f171c596a43ab747130a73f0
- SHA1
  
  6239b5fe881657ae9a084fb2644bf5ee1aed5390
- SHA256
  
  f38e002de598e2c9edc69ed6333479ca2479a721ac7459219cfb43c124572063
- SHA512
  
  fd580a40df68c7c308b3da3345ef6832a7d66e10cc2396e5489e76ab2b0ee1aed55c42f6ffa9801d08016b5b248af18a81ae12820a0b41276a503b5a4a38c33a
- SSDEEP
  
  12288:XNGtL/dB9R+PuPbp+UFGyzL2CE2rspPjzhGuk6:XNAL/jj0UF1nyfpPjzhY6
Score

8^/10

discovery evasion persistence trojan upx
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Deletes itself
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

2

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Adds policy Run key to start application

Executes dropped EXE

UPX packed file

Checks BIOS information in registry

Deletes itself

Loads dropped DLL

Checks installed software on the system

Checks whether UAC is enabled

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2