650f207b89e58693a60923f1ded7f8dec7e8816b6e337bd463f813d8ec1f1405 | Triage

Sharing

General

Target

650f207b89e58693a60923f1ded7f8dec7e8816b6e337bd463f813d8ec1f1405
Size

56KB
Sample

221123-xf2caaeh68
MD5

1b7ff1f8a5a8bf15703b92604c06f3fb
SHA1

7be0b13356bee4d674329427adaa087b77845c76
SHA256

650f207b89e58693a60923f1ded7f8dec7e8816b6e337bd463f813d8ec1f1405
SHA512

16a9fd2881a83e248daa3b401b3bda2a6cac552e023dcd5a3f7f5ec46de7c1fead8ef224467938007cea8da296f13806b9aae743474aaef1f6f80a537a904eb8
SSDEEP

1536:zIyyDPaYFzAPrZ8kc6oQWsPID281BullyaJy:07dzAPrGGIG4

Score

10^/10

evasion persistence upx

Malware Config

Targets

- Target
  
  650f207b89e58693a60923f1ded7f8dec7e8816b6e337bd463f813d8ec1f1405
- Size
  
  56KB
- MD5
  
  1b7ff1f8a5a8bf15703b92604c06f3fb
- SHA1
  
  7be0b13356bee4d674329427adaa087b77845c76
- SHA256
  
  650f207b89e58693a60923f1ded7f8dec7e8816b6e337bd463f813d8ec1f1405
- SHA512
  
  16a9fd2881a83e248daa3b401b3bda2a6cac552e023dcd5a3f7f5ec46de7c1fead8ef224467938007cea8da296f13806b9aae743474aaef1f6f80a537a904eb8
- SSDEEP
  
  1536:zIyyDPaYFzAPrZ8kc6oQWsPID281BullyaJy:07dzAPrGGIG4
Score

10^/10

persistence evasion upx
- Modifies firewall policy service
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2