77e8d267d29e841bc5ccfbcb2b4e413440f7c29b6fec52c53d3caf6448990918 | Triage

Sharing

General

Target

77e8d267d29e841bc5ccfbcb2b4e413440f7c29b6fec52c53d3caf6448990918
Size

152KB
Sample

221201-ddzacscd5v
MD5

5b8655367d750964e1c25db99609d1cc
SHA1

39891628760cb782758b9ded2871780c2921826f
SHA256

77e8d267d29e841bc5ccfbcb2b4e413440f7c29b6fec52c53d3caf6448990918
SHA512

52922807ac78082af8973ecc83d12eef2c65b60726ccccef46b07e05e81f84d933a7a3a0f332f42c2ca4ce2d9b1fcc812f46fe97bda788f41fb0aa3b84ceb38f
SSDEEP

1536:lajwWzwgVwPLoJ8VQP0XyXnIcWWXaUZYynkhLtvtHciUcjD/NJ2v6yVpXA:lajwWcfa8a+yXn9RXaUZA30+7C6yV

Score

8^/10

persistence upx

Malware Config

Targets

- Target
  
  77e8d267d29e841bc5ccfbcb2b4e413440f7c29b6fec52c53d3caf6448990918
- Size
  
  152KB
- MD5
  
  5b8655367d750964e1c25db99609d1cc
- SHA1
  
  39891628760cb782758b9ded2871780c2921826f
- SHA256
  
  77e8d267d29e841bc5ccfbcb2b4e413440f7c29b6fec52c53d3caf6448990918
- SHA512
  
  52922807ac78082af8973ecc83d12eef2c65b60726ccccef46b07e05e81f84d933a7a3a0f332f42c2ca4ce2d9b1fcc812f46fe97bda788f41fb0aa3b84ceb38f
- SSDEEP
  
  1536:lajwWzwgVwPLoJ8VQP0XyXnIcWWXaUZYynkhLtvtHciUcjD/NJ2v6yVpXA:lajwWcfa8a+yXn9RXaUZA30+7C6yV
Score

8^/10

persistence upx
- Adds policy Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2