2b5e98babec23e9adbc729afd02b52088d0be2dc153b910c0ef0b10093661fa2

General

Target

2b5e98babec23e9adbc729afd02b52088d0be2dc153b910c0ef0b10093661fa2
Size

929KB
Sample

221201-f4thxace5x
MD5

301642ed8377019f41896e22e809a290
SHA1

8f144526efd89acd77bf0fb03bc6b9c6e69e47e1
SHA256

2b5e98babec23e9adbc729afd02b52088d0be2dc153b910c0ef0b10093661fa2
SHA512

fae39b4a5a298b985f39cfff8bb313027b7e977fabc343a0f2d73eef6bc0acb2e205352a068e6cf0e292d4c24df328c9d2f160a1755b2c1ed0024af22405d92d
SSDEEP

3072:M++YgG4jF0gtALAXLi9CaBl5gIP3UsmeYEgtFU:pRmICwWebb

Score

8^/10

Malware Config

Targets

- Target
  
  2b5e98babec23e9adbc729afd02b52088d0be2dc153b910c0ef0b10093661fa2
- Size
  
  929KB
- MD5
  
  301642ed8377019f41896e22e809a290
- SHA1
  
  8f144526efd89acd77bf0fb03bc6b9c6e69e47e1
- SHA256
  
  2b5e98babec23e9adbc729afd02b52088d0be2dc153b910c0ef0b10093661fa2
- SHA512
  
  fae39b4a5a298b985f39cfff8bb313027b7e977fabc343a0f2d73eef6bc0acb2e205352a068e6cf0e292d4c24df328c9d2f160a1755b2c1ed0024af22405d92d
- SSDEEP
  
  3072:M++YgG4jF0gtALAXLi9CaBl5gIP3UsmeYEgtFU:pRmICwWebb
Score

8^/10

discovery evasion persistence trojan upx
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Deletes itself
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

2

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Adds policy Run key to start application

Executes dropped EXE

UPX packed file

Checks BIOS information in registry

Deletes itself

Loads dropped DLL

Checks installed software on the system

Checks whether UAC is enabled

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2