68a353598a6d01b412bf7d1032ea0e4c6820d0222ce719dc182a09a9c51e32c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68a353598a6d01b412bf7d1032ea0e4c6820d0222ce719dc182a09a9c51e32c5
Size

835KB
Sample

221201-enqxeacf65
MD5

b98c25eb4eb2efbd1f6a314eab6ba0e0
SHA1

2c5d0df32e7f51de1d171b5c910c7b92c6f6dbdd
SHA256

68a353598a6d01b412bf7d1032ea0e4c6820d0222ce719dc182a09a9c51e32c5
SHA512

4c2f93d821f733f1db8041fffb6c217900e1fba7837df5ab207c61c8d4aeb1468bc2a3090815e81e2e21bfd00b228202b085a5e135450a752b7cd12dd9acb668
SSDEEP

12288:TyQPfupi9mGfFUXlcT9X9yvbZ+pTASOsFEDKxRUPPcZKCdpGU2WzaReL:TyQEi9mdlcBcZ+pkSOqRSPcZQSmy

Score

8^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  68a353598a6d01b412bf7d1032ea0e4c6820d0222ce719dc182a09a9c51e32c5
- Size
  
  835KB
- MD5
  
  b98c25eb4eb2efbd1f6a314eab6ba0e0
- SHA1
  
  2c5d0df32e7f51de1d171b5c910c7b92c6f6dbdd
- SHA256
  
  68a353598a6d01b412bf7d1032ea0e4c6820d0222ce719dc182a09a9c51e32c5
- SHA512
  
  4c2f93d821f733f1db8041fffb6c217900e1fba7837df5ab207c61c8d4aeb1468bc2a3090815e81e2e21bfd00b228202b085a5e135450a752b7cd12dd9acb668
- SSDEEP
  
  12288:TyQPfupi9mGfFUXlcT9X9yvbZ+pTASOsFEDKxRUPPcZKCdpGU2WzaReL:TyQEi9mdlcBcZ+pkSOqRSPcZQSmy
Score

8^/10

discovery persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2