2eff3a21d1e060daefd86df50bd68f6d2a66ed2f37b97d2d1370e8de5586241a | Triage

Submit
Reports

Overview

overview

Static

static

8

2eff3a21d1...1a.exe

windows7-x64

2eff3a21d1...1a.exe

windows10-2004-x64

Sharing

General

Target

2eff3a21d1e060daefd86df50bd68f6d2a66ed2f37b97d2d1370e8de5586241a
Size

351KB
Sample

221030-gv83nsgbal
MD5

a2d5afadbfb11aed3bbf95fe0cf174d0
SHA1

5219f2faf74d1717a2589c398eed1aec5caca551
SHA256

2eff3a21d1e060daefd86df50bd68f6d2a66ed2f37b97d2d1370e8de5586241a
SHA512

ff986d46123f77e761becc779e22228ac257bc27f56e22791749d58a3e4f3600f00ad693ff37420260f4f01c74c0c6d19e9c889da1313a2aa50c157b365a737c
SSDEEP

6144:rVBU/tylqpk//mRuk//m4k//mRvk//mn:yfW2p2l222

Score

10^/10

evasion persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2eff3a21d1e060daefd86df50bd68f6d2a66ed2f37b97d2d1370e8de5586241a.exe

Resource

win7-20220812-en

evasion persistence upx

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

2eff3a21d1e060daefd86df50bd68f6d2a66ed2f37b97d2d1370e8de5586241a.exe

Resource

win10v2004-20220812-en

evasion persistence upx

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  2eff3a21d1e060daefd86df50bd68f6d2a66ed2f37b97d2d1370e8de5586241a
- Size
  
  351KB
- MD5
  
  a2d5afadbfb11aed3bbf95fe0cf174d0
- SHA1
  
  5219f2faf74d1717a2589c398eed1aec5caca551
- SHA256
  
  2eff3a21d1e060daefd86df50bd68f6d2a66ed2f37b97d2d1370e8de5586241a
- SHA512
  
  ff986d46123f77e761becc779e22228ac257bc27f56e22791749d58a3e4f3600f00ad693ff37420260f4f01c74c0c6d19e9c889da1313a2aa50c157b365a737c
- SSDEEP
  
  6144:rVBU/tylqpk//mRuk//m4k//mRvk//mn:yfW2p2l222
Score

10^/10

evasion persistence upx
- Modifies system executable filetype association
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Executes dropped EXE
- Sets file execution options in registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops startup file
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

evasionpersistenceupx

© 2018-2025

Terms | Privacy