3cc79f976a6cbc39e762f06edd581b4e51b4ca91393a6ecdf6b42bd97a1a36ae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cc79f976a6cbc39e762f06edd581b4e51b4ca91393a6ecdf6b42bd97a1a36ae
Size

749KB
Sample

221106-k5qkvsfebr
MD5

11a2ef083fe79538da5a910d90677cbd
SHA1

cfc6cdd63b15893b0565943fc0ea941c6fce93f5
SHA256

3cc79f976a6cbc39e762f06edd581b4e51b4ca91393a6ecdf6b42bd97a1a36ae
SHA512

c849fa94243e0c6204d0a452e9aeed1ce896507b24b371a7110b893c07847ffa4b47dd2eaa2d650ca9a4fd1c469d1c66f80abd8e0708c1ad9c88d431311fe65c
SSDEEP

12288:OBE1uSFshF3T9S3RQ9MurzpfvK0Ib8m/m2rDnvNTyzj/jcsA9+aJBuWVBVag1YnZ:CuFshF3ROMxJIbR/mYxyK9+aJBuGcB

Score

8^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  3cc79f976a6cbc39e762f06edd581b4e51b4ca91393a6ecdf6b42bd97a1a36ae
- Size
  
  749KB
- MD5
  
  11a2ef083fe79538da5a910d90677cbd
- SHA1
  
  cfc6cdd63b15893b0565943fc0ea941c6fce93f5
- SHA256
  
  3cc79f976a6cbc39e762f06edd581b4e51b4ca91393a6ecdf6b42bd97a1a36ae
- SHA512
  
  c849fa94243e0c6204d0a452e9aeed1ce896507b24b371a7110b893c07847ffa4b47dd2eaa2d650ca9a4fd1c469d1c66f80abd8e0708c1ad9c88d431311fe65c
- SSDEEP
  
  12288:OBE1uSFshF3T9S3RQ9MurzpfvK0Ib8m/m2rDnvNTyzj/jcsA9+aJBuWVBVag1YnZ:CuFshF3ROMxJIbR/mYxyK9+aJBuGcB
Score

8^/10

discovery persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2