010ab25cc50fd20c42e81f0e9f008c033cce51553634e3b00bcf5be183008180 | Triage

Submit
Reports

Overview

overview

Static

static

010ab25cc5...80.exe

windows7-x64

010ab25cc5...80.exe

windows10-2004-x64

8

Sharing

General

Target

010ab25cc50fd20c42e81f0e9f008c033cce51553634e3b00bcf5be183008180
Size

484KB
Sample

221123-l18rbagb8x
MD5

5e14b3f5507e3d056b2db5002ba3dd43
SHA1

91733b4f74aa40de0b67b6249fc103663bf055e9
SHA256

010ab25cc50fd20c42e81f0e9f008c033cce51553634e3b00bcf5be183008180
SHA512

586d9bc00279d8f91ac197038362647368ae0bdb92887e6f718cc402bba7db927f6becfac343de3e73cf12627c65350ebb50c67516bb00c5c252241742f50f72
SSDEEP

12288:zoUld/f2I9JECdYW4/e4Pii15XZSAmKjlafbdDNUQ:792ILECd0R15XZS3QafpDNUQ

Score

10^/10

evasion persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

010ab25cc50fd20c42e81f0e9f008c033cce51553634e3b00bcf5be183008180.exe

Resource

win7-20221111-en

evasion persistence upx

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

010ab25cc50fd20c42e81f0e9f008c033cce51553634e3b00bcf5be183008180.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  010ab25cc50fd20c42e81f0e9f008c033cce51553634e3b00bcf5be183008180
- Size
  
  484KB
- MD5
  
  5e14b3f5507e3d056b2db5002ba3dd43
- SHA1
  
  91733b4f74aa40de0b67b6249fc103663bf055e9
- SHA256
  
  010ab25cc50fd20c42e81f0e9f008c033cce51553634e3b00bcf5be183008180
- SHA512
  
  586d9bc00279d8f91ac197038362647368ae0bdb92887e6f718cc402bba7db927f6becfac343de3e73cf12627c65350ebb50c67516bb00c5c252241742f50f72
- SSDEEP
  
  12288:zoUld/f2I9JECdYW4/e4Pii15XZSAmKjlafbdDNUQ:792ILECd0R15XZS3QafpDNUQ
Score

10^/10

evasion persistence upx
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

© 2018-2024

Terms | Privacy