2c59bd81eb6cb54781d9dc09a54a86e66d1a82781cf5f19b0510433cdb9a6a78 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

2c59bd81eb...78.exe

windows7-x64

8

2c59bd81eb...78.exe

windows10-2004-x64

8

Sharing

General

Target

2c59bd81eb6cb54781d9dc09a54a86e66d1a82781cf5f19b0510433cdb9a6a78
Size

57KB
Sample

221202-3xpygaff54
MD5

8f3abbb6c30b9e2e4e72b0e8f192aaa6
SHA1

19cc26ff5509c85520732828ec2085d52e18f33a
SHA256

2c59bd81eb6cb54781d9dc09a54a86e66d1a82781cf5f19b0510433cdb9a6a78
SHA512

e7f52358416f3c8567c1361546ae274c9c5685290f05e058135ee03b4125fef8729de5ce05daa5a34345042477fba3ca86f6cb856415634bb8161965c17e7938
SSDEEP

1536:mkazcVn2gSpl9vxWgfb0ZqU1T4dEIi4Jnf/qrqe71G:c82gI9vcGEJ4dEIzJf/iqyG

Score

8^/10

discovery exploit upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2c59bd81eb6cb54781d9dc09a54a86e66d1a82781cf5f19b0510433cdb9a6a78.exe

Resource

win7-20220901-en

discovery exploit upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2c59bd81eb6cb54781d9dc09a54a86e66d1a82781cf5f19b0510433cdb9a6a78.exe

Resource

win10v2004-20220812-en

discovery exploit upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2c59bd81eb6cb54781d9dc09a54a86e66d1a82781cf5f19b0510433cdb9a6a78
- Size
  
  57KB
- MD5
  
  8f3abbb6c30b9e2e4e72b0e8f192aaa6
- SHA1
  
  19cc26ff5509c85520732828ec2085d52e18f33a
- SHA256
  
  2c59bd81eb6cb54781d9dc09a54a86e66d1a82781cf5f19b0510433cdb9a6a78
- SHA512
  
  e7f52358416f3c8567c1361546ae274c9c5685290f05e058135ee03b4125fef8729de5ce05daa5a34345042477fba3ca86f6cb856415634bb8161965c17e7938
- SSDEEP
  
  1536:mkazcVn2gSpl9vxWgfb0ZqU1T4dEIi4Jnf/qrqe71G:c82gI9vcGEJ4dEIzJf/iqyG
Score

8^/10

discovery exploit upx
- Drops file in Drivers directory
- Possible privilege escalation attempt
  exploit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexploitupx

behavioral2

discoveryexploitupx

© 2018-2024

Terms | Privacy