abc28ef160b08a52bcdd28041e4c561b73672a416382e8d3c82bcdcae5cc1e07 | Triage

Submit
Reports

Overview

overview

Static

static

abc28ef160...07.exe

windows7-x64

3

abc28ef160...07.exe

windows10-2004-x64

Sharing

General

Target

abc28ef160b08a52bcdd28041e4c561b73672a416382e8d3c82bcdcae5cc1e07
Size

320KB
Sample

221205-k442vsea85
MD5

3902133038bb344e9bdfde7cfc4cc822
SHA1

f28c648505b49055af0da7cf7e83212a32328ff3
SHA256

abc28ef160b08a52bcdd28041e4c561b73672a416382e8d3c82bcdcae5cc1e07
SHA512

d034ece8a131b0d6fb3b8780203abf41ec974cfb39d33d9d275ee6114253bafb84b9c3d304f1c9cb7aabca6e7a38e1a9a35728ade73d42f31ff2dba4fbff3034
SSDEEP

3072:4L70TJ07S6KNMX+EOrdznF6C4Ds0XTqNEAOisQ070pl5pK7A:XtlpUKbE5isQ07J8

Score

10^/10

evasion persistence trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

abc28ef160b08a52bcdd28041e4c561b73672a416382e8d3c82bcdcae5cc1e07.exe

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

abc28ef160b08a52bcdd28041e4c561b73672a416382e8d3c82bcdcae5cc1e07.exe

Resource

win10v2004-20220812-en

evasion persistence trojan upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  abc28ef160b08a52bcdd28041e4c561b73672a416382e8d3c82bcdcae5cc1e07
- Size
  
  320KB
- MD5
  
  3902133038bb344e9bdfde7cfc4cc822
- SHA1
  
  f28c648505b49055af0da7cf7e83212a32328ff3
- SHA256
  
  abc28ef160b08a52bcdd28041e4c561b73672a416382e8d3c82bcdcae5cc1e07
- SHA512
  
  d034ece8a131b0d6fb3b8780203abf41ec974cfb39d33d9d275ee6114253bafb84b9c3d304f1c9cb7aabca6e7a38e1a9a35728ade73d42f31ff2dba4fbff3034
- SSDEEP
  
  3072:4L70TJ07S6KNMX+EOrdznF6C4Ds0XTqNEAOisQ070pl5pK7A:XtlpUKbE5isQ07J8
Score

10^/10

evasion persistence trojan upx
- Modifies visibility of file extensions in Explorer
  evasion
- UAC bypass
  evasion trojan
- Disables RegEdit via registry modification
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistencetrojanupx

© 2018-2024

Terms | Privacy