ff96a59e98358a7a585f82afde0561eb74fb9c294997d7e29f915cb102dd9827 | Triage

Submit
Reports

Overview

overview

Static

static

ff96a59e98...27.exe

windows7-x64

ff96a59e98...27.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

ff96a59e98358a7a585f82afde0561eb74fb9c294997d7e29f915cb102dd9827
Size

57KB
Sample

221201-s61ffsge2w
MD5

32572317ff940abdf461908874b7c396
SHA1

6bb207d48a1146311da5c1f717e46da6d72af284
SHA256

ff96a59e98358a7a585f82afde0561eb74fb9c294997d7e29f915cb102dd9827
SHA512

d21fba65f7e413f8b0daa3907f6565c363d53143fd3237863aa3bb3a3e20a24b9bb15f863da61cc914b309c33c5d21385d0c86ee8541f61f4009009dbd39871f
SSDEEP

768:i6wj4b0UauxtaTVOexhC/uDh0UG5OnAuRRSHf05AEP:wj4l9Papv79z7njjj

Score

10^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

ff96a59e98358a7a585f82afde0561eb74fb9c294997d7e29f915cb102dd9827.exe

Resource

win7-20220812-en

persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ff96a59e98358a7a585f82afde0561eb74fb9c294997d7e29f915cb102dd9827.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  ff96a59e98358a7a585f82afde0561eb74fb9c294997d7e29f915cb102dd9827
- Size
  
  57KB
- MD5
  
  32572317ff940abdf461908874b7c396
- SHA1
  
  6bb207d48a1146311da5c1f717e46da6d72af284
- SHA256
  
  ff96a59e98358a7a585f82afde0561eb74fb9c294997d7e29f915cb102dd9827
- SHA512
  
  d21fba65f7e413f8b0daa3907f6565c363d53143fd3237863aa3bb3a3e20a24b9bb15f863da61cc914b309c33c5d21385d0c86ee8541f61f4009009dbd39871f
- SSDEEP
  
  768:i6wj4b0UauxtaTVOexhC/uDh0UG5OnAuRRSHf05AEP:wj4l9Papv79z7njjj
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy