85aadf758fc7c85bd8e2a00307d1c416dc6fb42af2f92743d69f1b28b64be0f2 | Triage

Submit
Reports

Overview

overview

Static

static

8

85aadf758f...f2.exe

windows7-x64

8

85aadf758f...f2.exe

windows10-2004-x64

Sharing

General

Target

85aadf758fc7c85bd8e2a00307d1c416dc6fb42af2f92743d69f1b28b64be0f2
Size

551KB
Sample

221202-3trb5afd43
MD5

1d780d388626a0ceb81cbaeea62735f4
SHA1

bca9bc959337582137ff4ca22d598e5206dca10a
SHA256

85aadf758fc7c85bd8e2a00307d1c416dc6fb42af2f92743d69f1b28b64be0f2
SHA512

c4d48e66edd218bc6326a4251858236ca3371749bc691d667049e672008ba4c4bd8439c96d018d4b88328dbfd87a7722530cf99744a3f0617b9b19d78c3094c6
SSDEEP

6144:7NSMzXmbO1OO80Vxn1p4Cs0sxefKVR2HAmQolIqXpIe+3okSh8W9OonGX03fATiK:sQXJjvdpHzsxefi2gIb+3LonGkv4nKi7

Score

10^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

85aadf758fc7c85bd8e2a00307d1c416dc6fb42af2f92743d69f1b28b64be0f2.exe

Resource

win7-20221111-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

85aadf758fc7c85bd8e2a00307d1c416dc6fb42af2f92743d69f1b28b64be0f2.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  85aadf758fc7c85bd8e2a00307d1c416dc6fb42af2f92743d69f1b28b64be0f2
- Size
  
  551KB
- MD5
  
  1d780d388626a0ceb81cbaeea62735f4
- SHA1
  
  bca9bc959337582137ff4ca22d598e5206dca10a
- SHA256
  
  85aadf758fc7c85bd8e2a00307d1c416dc6fb42af2f92743d69f1b28b64be0f2
- SHA512
  
  c4d48e66edd218bc6326a4251858236ca3371749bc691d667049e672008ba4c4bd8439c96d018d4b88328dbfd87a7722530cf99744a3f0617b9b19d78c3094c6
- SSDEEP
  
  6144:7NSMzXmbO1OO80Vxn1p4Cs0sxefKVR2HAmQolIqXpIe+3okSh8W9OonGX03fATiK:sQXJjvdpHzsxefi2gIb+3LonGkv4nKi7
Score

10^/10

upx persistence
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy