e3c922cfda55941ca84d947c1501304929986694c3eb53daa2304c489ef8cf40 | Triage

Submit
Reports

Overview

overview

Static

static

8

e3c922cfda...40.exe

windows7-x64

8

e3c922cfda...40.exe

windows10-2004-x64

Sharing

General

Target

e3c922cfda55941ca84d947c1501304929986694c3eb53daa2304c489ef8cf40
Size

181KB
Sample

221206-r5x39sbc3s
MD5

56a7ecbff7085bc979da3ca04538ffdd
SHA1

7e1b034256dc914f3a0b65540eb562b311703385
SHA256

e3c922cfda55941ca84d947c1501304929986694c3eb53daa2304c489ef8cf40
SHA512

06413d4afb80f37111017fd34f0e4d08c8205b08d7fbee21c8d573e597101354c3f578bd9c718377674e617484ad74f7b481262db9c841892c50a834df6f10d0
SSDEEP

768:+ALz6gvKsQV/+RHjyO3eTRpDToA85UF1ht5Po4IEzNVAw2BS2Pj7OTtGsjUcLbh1:tPZG/4yO3+RpDcxSPrAX22BSCHAtFG

Score

10^/10

evasion persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e3c922cfda55941ca84d947c1501304929986694c3eb53daa2304c489ef8cf40.exe

Resource

win7-20221111-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

e3c922cfda55941ca84d947c1501304929986694c3eb53daa2304c489ef8cf40.exe

Resource

win10v2004-20221111-en

evasion persistence upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  e3c922cfda55941ca84d947c1501304929986694c3eb53daa2304c489ef8cf40
- Size
  
  181KB
- MD5
  
  56a7ecbff7085bc979da3ca04538ffdd
- SHA1
  
  7e1b034256dc914f3a0b65540eb562b311703385
- SHA256
  
  e3c922cfda55941ca84d947c1501304929986694c3eb53daa2304c489ef8cf40
- SHA512
  
  06413d4afb80f37111017fd34f0e4d08c8205b08d7fbee21c8d573e597101354c3f578bd9c718377674e617484ad74f7b481262db9c841892c50a834df6f10d0
- SSDEEP
  
  768:+ALz6gvKsQV/+RHjyO3eTRpDToA85UF1ht5Po4IEzNVAw2BS2Pj7OTtGsjUcLbh1:tPZG/4yO3+RpDcxSPrAX22BSCHAtFG
Score

10^/10

upx evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistenceupx

© 2018-2025

Terms | Privacy