Overview

overview

10

Static

static

74d2afb38c...ed.exe

windows7-x64

10

74d2afb38c...ed.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    74d2afb38cf1f293939adaa58cf60d8f1a61a92c2feb9d3fe4196e333216d5ed

  • Size

    38KB

  • Sample

    221126-3hz5wsgd7s

  • MD5

    599e4e9bf991990ea6b3722487208d10

  • SHA1

    1f1e76528db697e5cb7402f64e6855cdb99637d9

  • SHA256

    74d2afb38cf1f293939adaa58cf60d8f1a61a92c2feb9d3fe4196e333216d5ed

  • SHA512

    e1273d538143a8f467352570455e954ee60ba5775a17eefec031e46e5bd3405873437c205338b293499039f274a524961b6f4aa1af7249a938f57afb0e85274e

  • SSDEEP

    768:7Q12v5f/C0LcqOcRQAHPpnFlqGZeAMsuYL11R7ThQkx0n:7Jv4UJv7kGZGst51RGkx

Score
10/10
evasionpersistencetrojanupx

Malware Config

Targets

    • Target

      74d2afb38cf1f293939adaa58cf60d8f1a61a92c2feb9d3fe4196e333216d5ed

    • Size

      38KB

    • MD5

      599e4e9bf991990ea6b3722487208d10

    • SHA1

      1f1e76528db697e5cb7402f64e6855cdb99637d9

    • SHA256

      74d2afb38cf1f293939adaa58cf60d8f1a61a92c2feb9d3fe4196e333216d5ed

    • SHA512

      e1273d538143a8f467352570455e954ee60ba5775a17eefec031e46e5bd3405873437c205338b293499039f274a524961b6f4aa1af7249a938f57afb0e85274e

    • SSDEEP

      768:7Q12v5f/C0LcqOcRQAHPpnFlqGZeAMsuYL11R7ThQkx0n:7Jv4UJv7kGZGst51RGkx

    Score
    10/10
    evasionpersistencetrojanupx

    • UAC bypass

      evasiontrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Disables use of System Restore points

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks