211be80bbab4b878ecce1d42c5191cfd9a2575bfa4fa0e05906d6e7bb3b28775 | Triage

Submit
Reports

Overview

overview

8

Static

static

chew-wga09windows.zip

windows7-x64

8

chew-wga09windows.zip

windows10-2004-x64

6

Sharing

General

Target

chew-wga09windows.zip
Size

8.8MB
Sample

221112-tz6vbsbg7w
MD5

9a2eceb09cdea9a5767db6b5ae761432
SHA1

8913a8cc829e61bef7f38f7953655e33e52356c5
SHA256

211be80bbab4b878ecce1d42c5191cfd9a2575bfa4fa0e05906d6e7bb3b28775
SHA512

ae5d8c57ba1699d91110bf6a78505843bc02fa5b79716947ef18a8ba070f67e35bb0985a1011a7d20977aa03431786695d33f7c6f0a06fecf13d109de64843a9
SSDEEP

196608:uq5hul04G65AMYTyMUWkK3RVGKIyUXgwybiPifLOXP6lKMsMlnh2U0Mzz:bql04dAtTUqVGZjXgwyLSMKVAh2sn

Score

8^/10

discovery exploit persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

chew-wga09windows.zip

Resource

win7-20220812-en

discovery exploit upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

chew-wga09windows.zip

Resource

win10v2004-20220812-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  chew-wga09windows.zip
- Size
  
  8.8MB
- MD5
  
  9a2eceb09cdea9a5767db6b5ae761432
- SHA1
  
  8913a8cc829e61bef7f38f7953655e33e52356c5
- SHA256
  
  211be80bbab4b878ecce1d42c5191cfd9a2575bfa4fa0e05906d6e7bb3b28775
- SHA512
  
  ae5d8c57ba1699d91110bf6a78505843bc02fa5b79716947ef18a8ba070f67e35bb0985a1011a7d20977aa03431786695d33f7c6f0a06fecf13d109de64843a9
- SSDEEP
  
  196608:uq5hul04G65AMYTyMUWkK3RVGKIyUXgwybiPifLOXP6lKMsMlnh2U0Mzz:bql04dAtTUqVGZjXgwyLSMKVAh2sn
Score

8^/10

discovery exploit upx persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Permissions Modification

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploitupx

behavioral2

© 2018-2024

Terms | Privacy