02f1709cc2b70865ab3e86d61bba71e8acde231f28277e99fd0edde10a9f27e5 | Triage

Submit
Reports

Overview

overview

Static

static

8

02f1709cc2...e5.exe

windows7-x64

02f1709cc2...e5.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

02f1709cc2b70865ab3e86d61bba71e8acde231f28277e99fd0edde10a9f27e5
Size

4.2MB
Sample

221029-d34ldaacd4
MD5

b110969a23f86001b9de7f0cab7b888d
SHA1

ca276916db0cc3c19f8cf864d2e9fcb13ec0ea3a
SHA256

02f1709cc2b70865ab3e86d61bba71e8acde231f28277e99fd0edde10a9f27e5
SHA512

8dc8eca0294b096a4a17fcf6ee218d27a67949ff03dfe6f1dcc1b5f7cf14b4b69f8bb41b08f0b85e16a53c84d0a568ddfd7b47aa9c6491d530733eb3d93e2ae6
SSDEEP

24576:neZJ8NI85OseZJ8NI85OseZJ8NI85OseZJ8NI85OseZJ8NI85OVeZJ8NI85OseZ/:o8G8G8G8G8J8G8G8G8G8S

Score

10^/10

evasion persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

02f1709cc2b70865ab3e86d61bba71e8acde231f28277e99fd0edde10a9f27e5.exe

Resource

win7-20220901-en

evasion persistence upx

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

02f1709cc2b70865ab3e86d61bba71e8acde231f28277e99fd0edde10a9f27e5.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  02f1709cc2b70865ab3e86d61bba71e8acde231f28277e99fd0edde10a9f27e5
- Size
  
  4.2MB
- MD5
  
  b110969a23f86001b9de7f0cab7b888d
- SHA1
  
  ca276916db0cc3c19f8cf864d2e9fcb13ec0ea3a
- SHA256
  
  02f1709cc2b70865ab3e86d61bba71e8acde231f28277e99fd0edde10a9f27e5
- SHA512
  
  8dc8eca0294b096a4a17fcf6ee218d27a67949ff03dfe6f1dcc1b5f7cf14b4b69f8bb41b08f0b85e16a53c84d0a568ddfd7b47aa9c6491d530733eb3d93e2ae6
- SSDEEP
  
  24576:neZJ8NI85OseZJ8NI85OseZJ8NI85OseZJ8NI85OseZJ8NI85OVeZJ8NI85OseZ/:o8G8G8G8G8J8G8G8G8G8S
Score

10^/10

evasion persistence upx
- Modifies visibility of file extensions in Explorer
  evasion
- Blocks application from running via registry modification
  Adds application to list of disallowed applications.
  evasion
- Executes dropped EXE
- Sets file execution options in registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

© 2018-2025

Terms | Privacy