9bdca7c851c0367daa64a38159e7632670a140d3e2d94aa7b9fb14396b0a1048 | Triage

Submit
Reports

Overview

overview

8

Static

static

9bdca7c851...48.exe

windows7-x64

8

9bdca7c851...48.exe

windows10-2004-x64

1

Sharing

General

Target

9bdca7c851c0367daa64a38159e7632670a140d3e2d94aa7b9fb14396b0a1048
Size

63KB
Sample

221125-h7m7eaag22
MD5

8b717d8de3dcc7e0e9958637cc1cd9d2
SHA1

bd17a236cceb84054dd7a202ce5b25bb141618bd
SHA256

9bdca7c851c0367daa64a38159e7632670a140d3e2d94aa7b9fb14396b0a1048
SHA512

fcc6eb881305b3fcfc17daa2dc04f368d464a7c6aaad1f8652bfa12f5edadf0125e7cb9b9fb3447c78bfa49a5d11982c7dc1eb3db8c90293bdaaffa7b133bbd2
SSDEEP

768:pG9r4iGhVLbNxSKoiyhovjdcEDB53qn5x0WSwuLcNz8RYYTqeghrP6pcR:pG9GhVlxjO4jdf05IrYaCYwic

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

9bdca7c851c0367daa64a38159e7632670a140d3e2d94aa7b9fb14396b0a1048.exe

Resource

win7-20221111-en

persistence upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

9bdca7c851c0367daa64a38159e7632670a140d3e2d94aa7b9fb14396b0a1048.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  9bdca7c851c0367daa64a38159e7632670a140d3e2d94aa7b9fb14396b0a1048
- Size
  
  63KB
- MD5
  
  8b717d8de3dcc7e0e9958637cc1cd9d2
- SHA1
  
  bd17a236cceb84054dd7a202ce5b25bb141618bd
- SHA256
  
  9bdca7c851c0367daa64a38159e7632670a140d3e2d94aa7b9fb14396b0a1048
- SHA512
  
  fcc6eb881305b3fcfc17daa2dc04f368d464a7c6aaad1f8652bfa12f5edadf0125e7cb9b9fb3447c78bfa49a5d11982c7dc1eb3db8c90293bdaaffa7b133bbd2
- SSDEEP
  
  768:pG9r4iGhVLbNxSKoiyhovjdcEDB53qn5x0WSwuLcNz8RYYTqeghrP6pcR:pG9GhVlxjO4jdf05IrYaCYwic
Score

8^/10

persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy