8f1ccc02e99adc67b76a316c35aa86d1f52ffc2347b719d00faed8e80b9268ba | Triage

Submit
Reports

Overview

overview

8

Static

static

8f1ccc02e9...ba.exe

windows7-x64

8

8f1ccc02e9...ba.exe

windows10-2004-x64

8

Sharing

General

Target

8f1ccc02e99adc67b76a316c35aa86d1f52ffc2347b719d00faed8e80b9268ba
Size

178KB
Sample

221123-qzb36sfc35
MD5

4a05f5a287555306a426e091d5fdf770
SHA1

3fab28a236c180d071f054d2ac183ef59ec243c4
SHA256

8f1ccc02e99adc67b76a316c35aa86d1f52ffc2347b719d00faed8e80b9268ba
SHA512

586500a7d432315ad3d0ad67c9be4334a5e9d6d2312025762b9c88748d112b6667f13c1f9d4662c18792778381f2faf7a7fcfe594605fc3c8901e8cfda86c9a5
SSDEEP

3072:Kw1ucErj94+cpbr5aHNSb34Qpc06482+p4TtM0y13KUwbt:GnIbrUHU9cT4lwMM0ywUwbt

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

8f1ccc02e99adc67b76a316c35aa86d1f52ffc2347b719d00faed8e80b9268ba.exe

Resource

win7-20221111-en

persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

8f1ccc02e99adc67b76a316c35aa86d1f52ffc2347b719d00faed8e80b9268ba.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  8f1ccc02e99adc67b76a316c35aa86d1f52ffc2347b719d00faed8e80b9268ba
- Size
  
  178KB
- MD5
  
  4a05f5a287555306a426e091d5fdf770
- SHA1
  
  3fab28a236c180d071f054d2ac183ef59ec243c4
- SHA256
  
  8f1ccc02e99adc67b76a316c35aa86d1f52ffc2347b719d00faed8e80b9268ba
- SHA512
  
  586500a7d432315ad3d0ad67c9be4334a5e9d6d2312025762b9c88748d112b6667f13c1f9d4662c18792778381f2faf7a7fcfe594605fc3c8901e8cfda86c9a5
- SSDEEP
  
  3072:Kw1ucErj94+cpbr5aHNSb34Qpc06482+p4TtM0y13KUwbt:GnIbrUHU9cT4lwMM0ywUwbt
Score

8^/10

persistence upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy