c4bd72f5c71bb9ea177927a4bf73e8603ee2c9dc21a5846f7484efa686b40a3b | Triage

Sharing

General

Target

c4bd72f5c71bb9ea177927a4bf73e8603ee2c9dc21a5846f7484efa686b40a3b
Size

1.8MB
Sample

221124-yalkbahd41
MD5

ea93719d814a91c40594d8c2344904da
SHA1

a0a96c68208bebb1c4e8717c207e875b50884ad5
SHA256

c4bd72f5c71bb9ea177927a4bf73e8603ee2c9dc21a5846f7484efa686b40a3b
SHA512

5cbf3b262c3409cac1ab970710757f21942bd7d8202bfa4ab1cd0471280e9a39218f0adb48705cd2ab5fd35e5d456828af1da212e3ca07e7b4f1471590c1ff87
SSDEEP

49152:M9yXoSK6bNIUoMmRoBCvyzUuKN30DhtEYrAHgQvz5fP7eErVt9Hw:zXnbyUWRo06zPKNcX7r6gQvz5fP7bb9Q

Score

8^/10

persistence upx

Malware Config

Targets

- Target
  
  comprovante_pagamento_Anexo.exe
- Size
  
  1.8MB
- MD5
  
  e8846d41953cb068bc5ed2b0e2cba62f
- SHA1
  
  16620934e35832dd2a2b45a83e6ef33e70b6dc33
- SHA256
  
  e6378892713c1caa7b346891f2fb04e01de5e061476228f463e0932995584c57
- SHA512
  
  a5e2cff3d93085dc7c10106d69e25723992921a5b8ceb57af5f0a1d7b5245f073079eb0d4abbbec84c3625c9668003076fca02b7069698450b9caf4e3a4c8c89
- SSDEEP
  
  49152:3n0nwnGlgvBD/DExH7G9AWiA5bY0yF2FXzf2H:3n0sCgvBD/eG9AWHYDoFXzf2H
Score

8^/10

persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2