c88ff12272f09d28b738fec73b272cf084e13b6066e7933fa8f16728193de2f2 | Triage

Submit
Reports

Overview

overview

Static

static

c88ff12272...f2.exe

windows7-x64

c88ff12272...f2.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

c88ff12272f09d28b738fec73b272cf084e13b6066e7933fa8f16728193de2f2
Size

110KB
Sample

221206-mwpcjsag95
MD5

117c4d5c8263ce99d74bd387566cd32a
SHA1

0561915164f2f4014b153e7e01dac96ccb6c84ed
SHA256

c88ff12272f09d28b738fec73b272cf084e13b6066e7933fa8f16728193de2f2
SHA512

0da19aae6a2a41c88bf493e34a017c02e5374436751195cea31bd86ce815f84722185e62b67b13b7663e22d83c4fcecdeb81e9fd983d09fe432ec8725ca8cf03
SSDEEP

3072:ncw9JIpFWgCcw2OPdZm+UyidxE9oVjB1jzo:RJIpFWgCP/Pb2ymxQK/o

Score

10^/10

evasion persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

c88ff12272f09d28b738fec73b272cf084e13b6066e7933fa8f16728193de2f2.exe

Resource

win7-20221111-en

evasion persistence upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

c88ff12272f09d28b738fec73b272cf084e13b6066e7933fa8f16728193de2f2.exe

Resource

win10v2004-20220812-en

evasion persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  c88ff12272f09d28b738fec73b272cf084e13b6066e7933fa8f16728193de2f2
- Size
  
  110KB
- MD5
  
  117c4d5c8263ce99d74bd387566cd32a
- SHA1
  
  0561915164f2f4014b153e7e01dac96ccb6c84ed
- SHA256
  
  c88ff12272f09d28b738fec73b272cf084e13b6066e7933fa8f16728193de2f2
- SHA512
  
  0da19aae6a2a41c88bf493e34a017c02e5374436751195cea31bd86ce815f84722185e62b67b13b7663e22d83c4fcecdeb81e9fd983d09fe432ec8725ca8cf03
- SSDEEP
  
  3072:ncw9JIpFWgCcw2OPdZm+UyidxE9oVjB1jzo:RJIpFWgCP/Pb2ymxQK/o
Score

10^/10

evasion persistence upx
- Modifies WinLogon for persistence
  persistence
- Disables use of System Restore points
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

evasionpersistenceupx

© 2018-2025

Terms | Privacy