b41987ebcbf792890ea40b47b64f0aa3cb23ac3beb51710c15e084766b35d65e | Triage

Submit
Reports

Overview

overview

Static

static

8

b41987ebcb...5e.exe

windows7-x64

b41987ebcb...5e.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

b41987ebcbf792890ea40b47b64f0aa3cb23ac3beb51710c15e084766b35d65e
Size

31KB
Sample

221201-qflhhaee7t
MD5

c6cf7d3c21f1412cd2201b80f2eafdc6
SHA1

0ab052391f0335c13b03c69f30bdc0d327ae2197
SHA256

b41987ebcbf792890ea40b47b64f0aa3cb23ac3beb51710c15e084766b35d65e
SHA512

acbf00e98dcffd3c611bd716070a4f437c90081789dd8106debecb4f615be42c9213808cf61c0acd2f8033003cf395606e0a5781222d030e2a8a6ae483adb535
SSDEEP

768:Rx1c2kbCkcXcsYK5/dQI+0MahTVLAxsCBiWXwV8+Wh/Z37Z:RGukc/YM/db+DahRLCBiWV+WPrZ

Score

10^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b41987ebcbf792890ea40b47b64f0aa3cb23ac3beb51710c15e084766b35d65e.exe

Resource

win7-20221111-en

persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

b41987ebcbf792890ea40b47b64f0aa3cb23ac3beb51710c15e084766b35d65e.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  b41987ebcbf792890ea40b47b64f0aa3cb23ac3beb51710c15e084766b35d65e
- Size
  
  31KB
- MD5
  
  c6cf7d3c21f1412cd2201b80f2eafdc6
- SHA1
  
  0ab052391f0335c13b03c69f30bdc0d327ae2197
- SHA256
  
  b41987ebcbf792890ea40b47b64f0aa3cb23ac3beb51710c15e084766b35d65e
- SHA512
  
  acbf00e98dcffd3c611bd716070a4f437c90081789dd8106debecb4f615be42c9213808cf61c0acd2f8033003cf395606e0a5781222d030e2a8a6ae483adb535
- SSDEEP
  
  768:Rx1c2kbCkcXcsYK5/dQI+0MahTVLAxsCBiWXwV8+Wh/Z37Z:RGukc/YM/db+DahRLCBiWV+WPrZ
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy