e40ea3087bba621451b7521aa4ea7eab1432b377e8be0e8130e7296c647f35c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e40ea3087bba621451b7521aa4ea7eab1432b377e8be0e8130e7296c647f35c2
Size

769KB
Sample

221106-hxqvjshcd6
MD5

1fed58882a7fa16bf0a071a8635b1ccd
SHA1

a9b19e713164ac0d69ace68778423d49934bfdef
SHA256

e40ea3087bba621451b7521aa4ea7eab1432b377e8be0e8130e7296c647f35c2
SHA512

4f9556081ca716ff97635038d61eb16366741c069148fd0aa9e96e089482f322dd974fe01bb53a446b6d1ddd05107e42b93138350a225dcaca601cbd6d9d321c
SSDEEP

24576:xfPiEOs/MMpToxxWOoC4QD2EBu/9kECgRwvwz:xnvh/Lk/ohCBGBCfvw

Score

8^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  e40ea3087bba621451b7521aa4ea7eab1432b377e8be0e8130e7296c647f35c2
- Size
  
  769KB
- MD5
  
  1fed58882a7fa16bf0a071a8635b1ccd
- SHA1
  
  a9b19e713164ac0d69ace68778423d49934bfdef
- SHA256
  
  e40ea3087bba621451b7521aa4ea7eab1432b377e8be0e8130e7296c647f35c2
- SHA512
  
  4f9556081ca716ff97635038d61eb16366741c069148fd0aa9e96e089482f322dd974fe01bb53a446b6d1ddd05107e42b93138350a225dcaca601cbd6d9d321c
- SSDEEP
  
  24576:xfPiEOs/MMpToxxWOoC4QD2EBu/9kECgRwvwz:xnvh/Lk/ohCBGBCfvw
Score

8^/10

discovery persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2