63772e123f3e393e679d0d87df9631573c69eb714b6f2b6c0594334a605d4416 | Triage

Submit
Reports

Overview

overview

8

Static

static

63772e123f...16.exe

windows7-x64

8

63772e123f...16.exe

windows10-2004-x64

8

Sharing

General

Target

63772e123f3e393e679d0d87df9631573c69eb714b6f2b6c0594334a605d4416
Size

935KB
Sample

221125-pqa9vage94
MD5

989180f259e41b2933c268488b2c486f
SHA1

a200799639c385838c924685c178736acfc08f3d
SHA256

63772e123f3e393e679d0d87df9631573c69eb714b6f2b6c0594334a605d4416
SHA512

9171c6b1a00463e777bd7f0d6ee6705c34998d43204d12e4de02dc880df8bd20ba3abca72ed9d1f11d0046c30c0d102ca36bff1602fb7c8f2f0436a099a0a2b0
SSDEEP

12288:p5Yr15f753d5QWIDz/Wz9NCyzHinLipNDJ5eoFb0OZ/WiGaks+HL63S27x4G:pyHv5Z+Wzv7AiBll0OBWi6si9Gn

Score

8^/10

upx

Static task

static1

Behavioral task

behavioral1

Sample

63772e123f3e393e679d0d87df9631573c69eb714b6f2b6c0594334a605d4416.exe

Resource

win7-20221111-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

63772e123f3e393e679d0d87df9631573c69eb714b6f2b6c0594334a605d4416.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  63772e123f3e393e679d0d87df9631573c69eb714b6f2b6c0594334a605d4416
- Size
  
  935KB
- MD5
  
  989180f259e41b2933c268488b2c486f
- SHA1
  
  a200799639c385838c924685c178736acfc08f3d
- SHA256
  
  63772e123f3e393e679d0d87df9631573c69eb714b6f2b6c0594334a605d4416
- SHA512
  
  9171c6b1a00463e777bd7f0d6ee6705c34998d43204d12e4de02dc880df8bd20ba3abca72ed9d1f11d0046c30c0d102ca36bff1602fb7c8f2f0436a099a0a2b0
- SSDEEP
  
  12288:p5Yr15f753d5QWIDz/Wz9NCyzHinLipNDJ5eoFb0OZ/WiGaks+HL63S27x4G:pyHv5Z+Wzv7AiBll0OBWi6si9Gn
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy