892109f5a0998026fd22f457a8cf84f9e0585e3de8e01b9348dc379938b258b5 | Triage

Submit
Reports

Overview

overview

Static

static

892109f5a0...b5.exe

windows7-x64

892109f5a0...b5.exe

windows10-2004-x64

Sharing

General

Target

892109f5a0998026fd22f457a8cf84f9e0585e3de8e01b9348dc379938b258b5
Size

3.2MB
Sample

221125-jcl7asbb28
MD5

b7a3810e62d2154b356267f64746d0cb
SHA1

f80e3f795beb0003c38d5dfc0544f0a677f01c6e
SHA256

892109f5a0998026fd22f457a8cf84f9e0585e3de8e01b9348dc379938b258b5
SHA512

11594d377ee238d365c4250842ed51750abd8369e592bf34f0ec1b166f273f68733716b6f9d0f494d6bf27205dbf1b38a46fb833078383862c30649d8f1c989d
SSDEEP

98304:HityitqjVG2Dj8eGp3FjnANhDB8bdeZZu26mSUstHJii:HTFj8jp3FjAvOe4fmcpj

Score

10^/10

evasion persistence trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

892109f5a0998026fd22f457a8cf84f9e0585e3de8e01b9348dc379938b258b5.exe

Resource

win7-20221111-en

evasion persistence trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

892109f5a0998026fd22f457a8cf84f9e0585e3de8e01b9348dc379938b258b5.exe

Resource

win10v2004-20220901-en

evasion persistence trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  892109f5a0998026fd22f457a8cf84f9e0585e3de8e01b9348dc379938b258b5
- Size
  
  3.2MB
- MD5
  
  b7a3810e62d2154b356267f64746d0cb
- SHA1
  
  f80e3f795beb0003c38d5dfc0544f0a677f01c6e
- SHA256
  
  892109f5a0998026fd22f457a8cf84f9e0585e3de8e01b9348dc379938b258b5
- SHA512
  
  11594d377ee238d365c4250842ed51750abd8369e592bf34f0ec1b166f273f68733716b6f9d0f494d6bf27205dbf1b38a46fb833078383862c30649d8f1c989d
- SSDEEP
  
  98304:HityitqjVG2Dj8eGp3FjnANhDB8bdeZZu26mSUstHJii:HTFj8jp3FjAvOe4fmcpj
Score

10^/10

evasion persistence trojan upx
- UAC bypass
  evasion trojan
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojanupx

behavioral2

evasionpersistencetrojanupx

© 2018-2024

Terms | Privacy