a1ab49fde25940fc362a7bfe8be5a7dbdbc0746828a12a45e464b19702321caf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1ab49fde25940fc362a7bfe8be5a7dbdbc0746828a12a45e464b19702321caf
Size

197KB
Sample

221204-jjmreahg27
MD5

9bedfd3f340c2250b34caa1c7c01085d
SHA1

0e3ac57f79d9f6065fd71646113ce38ac9c91dce
SHA256

a1ab49fde25940fc362a7bfe8be5a7dbdbc0746828a12a45e464b19702321caf
SHA512

75613d08863b63c07ba82d07ff8939fb7928895d4b42af4828420f9e1c37c073c4bac3fe756c41df3d53daa32c3c11b5fe5fa324fca096b4891c578784f8024a
SSDEEP

3072:QQNLR0GTc6J8VFSRMZX6qxLb1EhNUrC5/vut39It3Sxa:VNLn8mU6Uv1wGt3Ot3S

Score

8^/10

persistence upx

Malware Config

Targets

- Target
  
  a1ab49fde25940fc362a7bfe8be5a7dbdbc0746828a12a45e464b19702321caf
- Size
  
  197KB
- MD5
  
  9bedfd3f340c2250b34caa1c7c01085d
- SHA1
  
  0e3ac57f79d9f6065fd71646113ce38ac9c91dce
- SHA256
  
  a1ab49fde25940fc362a7bfe8be5a7dbdbc0746828a12a45e464b19702321caf
- SHA512
  
  75613d08863b63c07ba82d07ff8939fb7928895d4b42af4828420f9e1c37c073c4bac3fe756c41df3d53daa32c3c11b5fe5fa324fca096b4891c578784f8024a
- SSDEEP
  
  3072:QQNLR0GTc6J8VFSRMZX6qxLb1EhNUrC5/vut39It3Sxa:VNLn8mU6Uv1wGt3Ot3S
Score

8^/10

persistence upx
- Drops file in Drivers directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2