99188d30e34f6cb7ba414e62afe863bf06494445ed86f439605c253cc90ca8e3 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

Device/Har...er.exe

windows7-x64

8

Device/Har...er.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

UVUpdater.exe
Size

3.6MB
Sample

230330-hs3njsbd28
MD5

b6175dfd84c4599f411739591a191dda
SHA1

910d5a43c56734348126742f860b7aaabfd07df9
SHA256

99188d30e34f6cb7ba414e62afe863bf06494445ed86f439605c253cc90ca8e3
SHA512

91481e0b5b0f357d342dd33ad7deef496fdecddbfb53f8ef0a529bcda5dcf5dd21974aef3fe4ba482707ba188d1aea73ae3c5b3ebb10e958c1484411b49080ed
SSDEEP

98304:AfbvTzLxTRWIdC+YDrO/H0zBqmAYG8VmPeeVwZeBZiW:Azb/XZdC+YfO/cRBnm2e/Tv

Score

8^/10

discovery evasion upx

Static task

static1

Behavioral task

behavioral1

Sample

Device/HarddiskVolume4/Program Files (x86)/UltraViewer/Update/UVUpdater.exe

Resource

win7-20230220-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

Device/HarddiskVolume4/Program Files (x86)/UltraViewer/Update/UVUpdater.exe

Resource

win10v2004-20230220-en

discovery evasion upx

windows10-2004-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  Device/HarddiskVolume4/Program Files (x86)/UltraViewer/Update/UVUpdater.exe
- Size
  
  3.7MB
- MD5
  
  939713e0de12461639d52bf899c5886e
- SHA1
  
  62fe6809675f540f919402237f54f61212c3b6fd
- SHA256
  
  11f2ab9f18f33ffe331dafa99a49ba0a8bd749d75c820c4b6a0056846071f47b
- SHA512
  
  2e5c05def771d7f27eb555fc25d074704d498d68d33297d83ea6059fc529b25764edd26172d5fddb2d1dd42653333d42d83dbcdf974d4a2ee2789974d30eb394
- SSDEEP
  
  98304:d5zZ80gsEX+LjrKNdCjGVqcCiLGneutxtNQ09ViPC:df80gsl3rKNdCFOXuEkcC
Score

8^/10

evasion discovery upx
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2

discoveryevasionupx

© 2018-2025

Terms | Privacy