38a71fd7cfccf4a5ce91293550dc8e47102be26c598f3fba5a7c29a19cb57de2 | Triage

Submit
Reports

Overview

overview

Static

static

38a71fd7cf...e2.exe

windows7-x64

8

38a71fd7cf...e2.exe

windows10-2004-x64

Sharing

General

Target

38a71fd7cfccf4a5ce91293550dc8e47102be26c598f3fba5a7c29a19cb57de2
Size

535KB
Sample

221029-a6lcesefcr
MD5

0aae78a4a888e824fc88bb7c5cabf350
SHA1

5c2e41298dc69b9fa0dea0c6ef0a859ccb8c33bd
SHA256

38a71fd7cfccf4a5ce91293550dc8e47102be26c598f3fba5a7c29a19cb57de2
SHA512

d32b60719f53ba8a4bdfcfed4f2fe04b57aed6b2451b41628573783c1368c85a40d6fcfe7af1237447f8e863b1430dd92c9cb3b4c30d1762fe335f90be5096db
SSDEEP

12288:jDGtA8fkJ7JMaSJWozGASNswD3MGaawq94c5jMQAVeHdLEjtM+Hgn5:j78K53oaN/7l94cVA+dEtMfn5

Score

10^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

38a71fd7cfccf4a5ce91293550dc8e47102be26c598f3fba5a7c29a19cb57de2.exe

Resource

win7-20220812-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

38a71fd7cfccf4a5ce91293550dc8e47102be26c598f3fba5a7c29a19cb57de2.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  38a71fd7cfccf4a5ce91293550dc8e47102be26c598f3fba5a7c29a19cb57de2
- Size
  
  535KB
- MD5
  
  0aae78a4a888e824fc88bb7c5cabf350
- SHA1
  
  5c2e41298dc69b9fa0dea0c6ef0a859ccb8c33bd
- SHA256
  
  38a71fd7cfccf4a5ce91293550dc8e47102be26c598f3fba5a7c29a19cb57de2
- SHA512
  
  d32b60719f53ba8a4bdfcfed4f2fe04b57aed6b2451b41628573783c1368c85a40d6fcfe7af1237447f8e863b1430dd92c9cb3b4c30d1762fe335f90be5096db
- SSDEEP
  
  12288:jDGtA8fkJ7JMaSJWozGASNswD3MGaawq94c5jMQAVeHdLEjtM+Hgn5:j78K53oaN/7l94cVA+dEtMfn5
Score

10^/10

upx persistence
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops startup file
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy