Overview

overview

8

Static

static

8

2f1d831a0e...ce.exe

windows7-x64

8

2f1d831a0e...ce.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2f1d831a0ebeed664c27b82568db1670969135b8606244647a555e339ae15dce

  • Size

    289KB

  • Sample

    221128-cs2tcsce6t

  • MD5

    e1ce65fb41b58426865d8077defc3d77

  • SHA1

    5725e0ac07806ed0fc1c424015962d538379e675

  • SHA256

    2f1d831a0ebeed664c27b82568db1670969135b8606244647a555e339ae15dce

  • SHA512

    753703b0d2ab53306636edd181eaceb69cfc072e1add889e1102cbd021a497f7e9e1ae47be496b4489a6ab01cf2110caa5653266a91f25476bf8fcf03aeaee04

  • SSDEEP

    6144:pchQ+B3/4YIJ8m1MxUyRzoVOBlYQflIGa:pch3BP4BJTM6++OBlYERa

Score
8/10
aspackv2persistenceupx

Malware Config

Targets

    • Target

      2f1d831a0ebeed664c27b82568db1670969135b8606244647a555e339ae15dce

    • Size

      289KB

    • MD5

      e1ce65fb41b58426865d8077defc3d77

    • SHA1

      5725e0ac07806ed0fc1c424015962d538379e675

    • SHA256

      2f1d831a0ebeed664c27b82568db1670969135b8606244647a555e339ae15dce

    • SHA512

      753703b0d2ab53306636edd181eaceb69cfc072e1add889e1102cbd021a497f7e9e1ae47be496b4489a6ab01cf2110caa5653266a91f25476bf8fcf03aeaee04

    • SSDEEP

      6144:pchQ+B3/4YIJ8m1MxUyRzoVOBlYQflIGa:pch3BP4BJTM6++OBlYERa

    Score
    8/10
    aspackv2persistenceupx

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Executes dropped EXE

    • Sets DLL path for service in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks