d45a0055ec3bc02e7eb412d7c1b0aba124966a827db66f7bdbc6ac035d8bbf33 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

DriverPack...70.exe

windows10-2004-x64

8

Sharing

General

Target

DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
Size

8.4MB
Sample

230328-vvcalacb79
MD5

33392cd0b796d29536f5f7395ce848bd
SHA1

2f7b3514f6c5bfac7ef8a191827566117da3fc64
SHA256

d45a0055ec3bc02e7eb412d7c1b0aba124966a827db66f7bdbc6ac035d8bbf33
SHA512

b3a997bc43a1a2c199445bf12be0843def35f08c4dd4a512f2bf80b8f523c679ec976a9d34cd8a8309a5d021b7551e99ddedbc1bdc8c4739882914b5f964dcaa
SSDEEP

196608:fLpq7HUPSNCk6cpYiBQhHJ9umZV7/l0J7mnN62AAERvtpe:fLUEQscpYiGdJtVyJ7mN62AAye

Score

8^/10

discovery evasion upx

Static task

static1

Behavioral task

behavioral1

Sample

DriverPack-17-Online_undefined__p4apjlazy2p0170.exe

Resource

win10v2004-20230221-es

discovery evasion upx

windows10-2004-x64

16 signatures

60 seconds

Malware Config

Targets

- Target
  
  DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
- Size
  
  8.4MB
- MD5
  
  33392cd0b796d29536f5f7395ce848bd
- SHA1
  
  2f7b3514f6c5bfac7ef8a191827566117da3fc64
- SHA256
  
  d45a0055ec3bc02e7eb412d7c1b0aba124966a827db66f7bdbc6ac035d8bbf33
- SHA512
  
  b3a997bc43a1a2c199445bf12be0843def35f08c4dd4a512f2bf80b8f523c679ec976a9d34cd8a8309a5d021b7551e99ddedbc1bdc8c4739882914b5f964dcaa
- SSDEEP
  
  196608:fLpq7HUPSNCk6cpYiBQhHJ9umZV7/l0J7mnN62AAERvtpe:fLUEQscpYiGdJtVyJ7mN62AAye
Score

8^/10

discovery evasion upx
- Blocklisted process makes network request
- Downloads MZ/PE file
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks for any installed AV software in registry
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Security Software Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionupx

© 2018-2024

Terms | Privacy