5e5aa0e870c9a8e96a3d62e79556bd3b8bcc5777b0cdd6fd7bb51c575c1809d1 | Triage

Submit
Reports

Overview

overview

8

Static

static

5e5aa0e870...d1.exe

windows7-x64

8

5e5aa0e870...d1.exe

windows10-2004-x64

8

Sharing

General

Target

5e5aa0e870c9a8e96a3d62e79556bd3b8bcc5777b0cdd6fd7bb51c575c1809d1
Size

935KB
Sample

221125-px46hahb47
MD5

5480c41fe2b93e90f23bfa1de32b3a78
SHA1

e7186efaf9f6d0292d8b768b060b55299c9af75c
SHA256

5e5aa0e870c9a8e96a3d62e79556bd3b8bcc5777b0cdd6fd7bb51c575c1809d1
SHA512

8908c6144315a5a2c51000b4210a92a8f7743296714423d33daca043f3d0bd2cb8091ec24edda173f18b5357011c70d2bae94b60f01cd818c05d8d812ff5ac90
SSDEEP

12288:J5Yr15f753d5QWIDz/Wz9NCyzHinLipNDJ5eoFb0OZ/WiGaks+HL63S27x4R:JyHv5Z+Wzv7AiBll0OBWi6si9GI

Score

8^/10

upx

Static task

static1

Behavioral task

behavioral1

Sample

5e5aa0e870c9a8e96a3d62e79556bd3b8bcc5777b0cdd6fd7bb51c575c1809d1.exe

Resource

win7-20220901-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

5e5aa0e870c9a8e96a3d62e79556bd3b8bcc5777b0cdd6fd7bb51c575c1809d1.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  5e5aa0e870c9a8e96a3d62e79556bd3b8bcc5777b0cdd6fd7bb51c575c1809d1
- Size
  
  935KB
- MD5
  
  5480c41fe2b93e90f23bfa1de32b3a78
- SHA1
  
  e7186efaf9f6d0292d8b768b060b55299c9af75c
- SHA256
  
  5e5aa0e870c9a8e96a3d62e79556bd3b8bcc5777b0cdd6fd7bb51c575c1809d1
- SHA512
  
  8908c6144315a5a2c51000b4210a92a8f7743296714423d33daca043f3d0bd2cb8091ec24edda173f18b5357011c70d2bae94b60f01cd818c05d8d812ff5ac90
- SSDEEP
  
  12288:J5Yr15f753d5QWIDz/Wz9NCyzHinLipNDJ5eoFb0OZ/WiGaks+HL63S27x4R:JyHv5Z+Wzv7AiBll0OBWi6si9GI
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy