f393b5da536572f9f4e78adc9c3c5cf053cd8cdc5eeb5e192a18a73964623e41 | Triage

Sharing

General

Target

f393b5da536572f9f4e78adc9c3c5cf053cd8cdc5eeb5e192a18a73964623e41
Size

53KB
Sample

221129-hch9zaea22
MD5

44e6841dbe421e7fffd7c65ed0c34ac4
SHA1

f4c7c4cb1eb50b49f4945fbc1a0910ae37a4f3d6
SHA256

f393b5da536572f9f4e78adc9c3c5cf053cd8cdc5eeb5e192a18a73964623e41
SHA512

d91ca24443bf64d2cceea4792d93bf9127eefb5e212d5d2147edfc60a5d8589ddf78667d5b44a0619738075e89bd6daa50b5c37ce782e5d267bda3656b8de4e7
SSDEEP

1536:9L2RmQVYNsWt5p/XJerUMdwgUHBKOeTygr:RFLp/JolQwOez

Score

10^/10

evasion upx

Malware Config

Targets

- Target
  
  f393b5da536572f9f4e78adc9c3c5cf053cd8cdc5eeb5e192a18a73964623e41
- Size
  
  53KB
- MD5
  
  44e6841dbe421e7fffd7c65ed0c34ac4
- SHA1
  
  f4c7c4cb1eb50b49f4945fbc1a0910ae37a4f3d6
- SHA256
  
  f393b5da536572f9f4e78adc9c3c5cf053cd8cdc5eeb5e192a18a73964623e41
- SHA512
  
  d91ca24443bf64d2cceea4792d93bf9127eefb5e212d5d2147edfc60a5d8589ddf78667d5b44a0619738075e89bd6daa50b5c37ce782e5d267bda3656b8de4e7
- SSDEEP
  
  1536:9L2RmQVYNsWt5p/XJerUMdwgUHBKOeTygr:RFLp/JolQwOez
Score

10^/10

upx evasion
- Modifies firewall policy service
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2