04a09091d1d59ed0848cb7747ada8ba2a5cebe06595382c2a641c1ac1c7045ac | Triage

Sharing

General

Target

04a09091d1d59ed0848cb7747ada8ba2a5cebe06595382c2a641c1ac1c7045ac
Size

543KB
Sample

221128-ecxktagf2x
MD5

f2bf2ccce67ddbb35416ad1446fbe272
SHA1

75e8b2e1a68f69c6b518c7c8f9dcd9ef8e1a1323
SHA256

04a09091d1d59ed0848cb7747ada8ba2a5cebe06595382c2a641c1ac1c7045ac
SHA512

bd7cb9b084e77d769996d5a9cddbf961690fcd546fe50e1c086f78d14f0458abcef518fe7613a07b77d595ad8c764eb4d5eb27174dc9ab6c97f6d44bb4c79e2e
SSDEEP

6144:SRMLwiZtLix78pD/AUFr/ZHdjx60AMP9s4wzQpGQ65HVOMQga8cV9/yudsPE4TP7:9EiZa4Y+ZY6s4g155RA/yuip+1suOd+I

Score

8^/10

persistence upx

Malware Config

Targets

- Target
  
  04a09091d1d59ed0848cb7747ada8ba2a5cebe06595382c2a641c1ac1c7045ac
- Size
  
  543KB
- MD5
  
  f2bf2ccce67ddbb35416ad1446fbe272
- SHA1
  
  75e8b2e1a68f69c6b518c7c8f9dcd9ef8e1a1323
- SHA256
  
  04a09091d1d59ed0848cb7747ada8ba2a5cebe06595382c2a641c1ac1c7045ac
- SHA512
  
  bd7cb9b084e77d769996d5a9cddbf961690fcd546fe50e1c086f78d14f0458abcef518fe7613a07b77d595ad8c764eb4d5eb27174dc9ab6c97f6d44bb4c79e2e
- SSDEEP
  
  6144:SRMLwiZtLix78pD/AUFr/ZHdjx60AMP9s4wzQpGQ65HVOMQga8cV9/yudsPE4TP7:9EiZa4Y+ZY6s4g155RA/yuip+1suOd+I
Score

8^/10

persistence upx
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2