934140fdfe5ce5d1fabea78dc59bd5df682e1e02b49b6ea93b9c9d3bfab1c408 | Triage

Submit
Reports

Overview

overview

Static

static

934140fdfe...08.exe

windows7-x64

934140fdfe...08.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

934140fdfe5ce5d1fabea78dc59bd5df682e1e02b49b6ea93b9c9d3bfab1c408
Size

257KB
Sample

221203-v5la9aed4w
MD5

686ef0b2dc0fe2b2d1dcc8b7307ac5b7
SHA1

0a8ed937a86c5fbdfb1b3fe7bdce7a52f64e91cb
SHA256

934140fdfe5ce5d1fabea78dc59bd5df682e1e02b49b6ea93b9c9d3bfab1c408
SHA512

0ca62b67603975c934c23d3c1ea116ec250f8728ada0ed79923e5def35f5401d1c5af05967429e80a13484231a68f76d2f5a5db1f999c410c78668d80604857e
SSDEEP

6144:RJIpFWgCP/Pb2ymxQK/ElXV+/muboOCApwcYO0ZHWACziT:WUj7uQWw+/mooOCUYOgWZzu

Score

10^/10

evasion persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

934140fdfe5ce5d1fabea78dc59bd5df682e1e02b49b6ea93b9c9d3bfab1c408.exe

Resource

win7-20221111-en

evasion persistence upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

934140fdfe5ce5d1fabea78dc59bd5df682e1e02b49b6ea93b9c9d3bfab1c408.exe

Resource

win10v2004-20220812-en

evasion persistence upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  934140fdfe5ce5d1fabea78dc59bd5df682e1e02b49b6ea93b9c9d3bfab1c408
- Size
  
  257KB
- MD5
  
  686ef0b2dc0fe2b2d1dcc8b7307ac5b7
- SHA1
  
  0a8ed937a86c5fbdfb1b3fe7bdce7a52f64e91cb
- SHA256
  
  934140fdfe5ce5d1fabea78dc59bd5df682e1e02b49b6ea93b9c9d3bfab1c408
- SHA512
  
  0ca62b67603975c934c23d3c1ea116ec250f8728ada0ed79923e5def35f5401d1c5af05967429e80a13484231a68f76d2f5a5db1f999c410c78668d80604857e
- SSDEEP
  
  6144:RJIpFWgCP/Pb2ymxQK/ElXV+/muboOCApwcYO0ZHWACziT:WUj7uQWw+/mooOCUYOgWZzu
Score

10^/10

evasion persistence upx
- Modifies WinLogon for persistence
  persistence
- Disables use of System Restore points
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

evasionpersistenceupx

© 2018-2025

Terms | Privacy