9745803b868e4b009b95ffc7ecc6f77d37834445cfa37f0bf3dd4f303c22a1ca | Triage

Submit
Reports

Overview

overview

Static

static

9745803b86...ca.exe

windows7-x64

9745803b86...ca.exe

windows10-2004-x64

1

Sharing

General

Target

9745803b868e4b009b95ffc7ecc6f77d37834445cfa37f0bf3dd4f303c22a1ca
Size

99KB
Sample

221203-veka9shc74
MD5

4ded9e570ac680ef72df7c6344a3c96f
SHA1

59ebbc4b5b37731f0ada5e3da82693f71bca81e7
SHA256

9745803b868e4b009b95ffc7ecc6f77d37834445cfa37f0bf3dd4f303c22a1ca
SHA512

03b4159c7c4ce58a584d1e7a33e03fbbadcb841c50b074f07e55daf5dd49bd3450b50a51c190e88cf1aee1765463adddd0376900e419378076ac0148d82c9305
SSDEEP

1536:cKLaLaeZ3IxvDPbI+PBpf4tbfFd/kZO1qz1hW2qfTqzwClSbbOqCIzgEXD:cC9uIxvD9PTwtbNd/kZ2qyLqErb+I7

Score

10^/10

evasion persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

9745803b868e4b009b95ffc7ecc6f77d37834445cfa37f0bf3dd4f303c22a1ca.exe

Resource

win7-20221111-en

evasion persistence upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

9745803b868e4b009b95ffc7ecc6f77d37834445cfa37f0bf3dd4f303c22a1ca.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  9745803b868e4b009b95ffc7ecc6f77d37834445cfa37f0bf3dd4f303c22a1ca
- Size
  
  99KB
- MD5
  
  4ded9e570ac680ef72df7c6344a3c96f
- SHA1
  
  59ebbc4b5b37731f0ada5e3da82693f71bca81e7
- SHA256
  
  9745803b868e4b009b95ffc7ecc6f77d37834445cfa37f0bf3dd4f303c22a1ca
- SHA512
  
  03b4159c7c4ce58a584d1e7a33e03fbbadcb841c50b074f07e55daf5dd49bd3450b50a51c190e88cf1aee1765463adddd0376900e419378076ac0148d82c9305
- SSDEEP
  
  1536:cKLaLaeZ3IxvDPbI+PBpf4tbfFd/kZO1qz1hW2qfTqzwClSbbOqCIzgEXD:cC9uIxvD9PTwtbNd/kZ2qyLqErb+I7
Score

10^/10

evasion persistence upx
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

© 2018-2025

Terms | Privacy