be91a0635cab8be4952c30398671617f9e548f30451172ed0ecd416fdc0aa998 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

utorrent_i...er.exe

windows7-x64

8

utorrent_i...er.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

utorrent_installer.exe
Size

1.7MB
Sample

230324-mzjapsdg69
MD5

bb58fd279a1b991e2bebb1941bb64905
SHA1

71f48cfc2ad7f6faa0cfb9b9424e5564e215a9b0
SHA256

be91a0635cab8be4952c30398671617f9e548f30451172ed0ecd416fdc0aa998
SHA512

e4cbb2099c42220722b9b34288c49f37554b555df885ff4389f7743e19efd2eb9bc57089d333ed030891e3240f7e10ac038c587e7928d794a56b03073cf95ca6
SSDEEP

24576:a4nXubIQGyxbPV0db26sdRr9IThAZymuz7lnAjEHLcfVLKswfsl:aqe3f6e9Zyh71SaLcfxOfsl

Score

8^/10

discovery evasion persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

utorrent_installer.exe

Resource

win7-20230220-en

discovery evasion persistence upx

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral2

Sample

utorrent_installer.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  utorrent_installer.exe
- Size
  
  1.7MB
- MD5
  
  bb58fd279a1b991e2bebb1941bb64905
- SHA1
  
  71f48cfc2ad7f6faa0cfb9b9424e5564e215a9b0
- SHA256
  
  be91a0635cab8be4952c30398671617f9e548f30451172ed0ecd416fdc0aa998
- SHA512
  
  e4cbb2099c42220722b9b34288c49f37554b555df885ff4389f7743e19efd2eb9bc57089d333ed030891e3240f7e10ac038c587e7928d794a56b03073cf95ca6
- SSDEEP
  
  24576:a4nXubIQGyxbPV0db26sdRr9IThAZymuz7lnAjEHLcfVLKswfsl:aqe3f6e9Zyh71SaLcfxOfsl
Score

8^/10

discovery evasion persistence upx
- Downloads MZ/PE file
- Executes dropped EXE
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceupx

behavioral2

© 2018-2025

Terms | Privacy