008f175a8c2ce8a2365695f2ba680fcc9bae73626f165d925f48dfdecd3ad4c9 | Triage

Submit
Reports

Overview

overview

8

Static

static

008f175a8c...c9.exe

windows7-x64

8

008f175a8c...c9.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

008f175a8c2ce8a2365695f2ba680fcc9bae73626f165d925f48dfdecd3ad4c9
Size

935KB
Sample

221125-vbl1paef7v
MD5

a1e198a3ae84e8914d8babda2c29aeed
SHA1

93bb0944bca67556c8d7f96701b98098453fa726
SHA256

008f175a8c2ce8a2365695f2ba680fcc9bae73626f165d925f48dfdecd3ad4c9
SHA512

7ee117e5416c9088041b4544b8b34e1c889e3df131c2f166dd5a54b642ef778a02a7c8b1de28d8d6b6cb6fe942a24f7565e686cfd74dd3ab55908586c26ff014
SSDEEP

12288:p5Yr15f753d5QWIDz/Wz9NCyzHinLipNDJ5eoFb0OZ/WiGaks+HL63S27x4v:pyHv5Z+Wzv7AiBll0OBWi6si9GG

Score

8^/10

upx

Static task

static1

Behavioral task

behavioral1

Sample

008f175a8c2ce8a2365695f2ba680fcc9bae73626f165d925f48dfdecd3ad4c9.exe

Resource

win7-20221111-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

008f175a8c2ce8a2365695f2ba680fcc9bae73626f165d925f48dfdecd3ad4c9.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  008f175a8c2ce8a2365695f2ba680fcc9bae73626f165d925f48dfdecd3ad4c9
- Size
  
  935KB
- MD5
  
  a1e198a3ae84e8914d8babda2c29aeed
- SHA1
  
  93bb0944bca67556c8d7f96701b98098453fa726
- SHA256
  
  008f175a8c2ce8a2365695f2ba680fcc9bae73626f165d925f48dfdecd3ad4c9
- SHA512
  
  7ee117e5416c9088041b4544b8b34e1c889e3df131c2f166dd5a54b642ef778a02a7c8b1de28d8d6b6cb6fe942a24f7565e686cfd74dd3ab55908586c26ff014
- SSDEEP
  
  12288:p5Yr15f753d5QWIDz/Wz9NCyzHinLipNDJ5eoFb0OZ/WiGaks+HL63S27x4v:pyHv5Z+Wzv7AiBll0OBWi6si9GG
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy