aea9844318657fccfe68a5a19724d743faaeb3ddad7e1d92bbd94c51f6e4ea88 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

Device/Har...er.exe

windows7-x64

8

Device/Har...er.exe

windows10-2004-x64

8

Sharing

General

Target

UVUpdater.exe
Size

3.6MB
Sample

230529-mzg3msbd55
MD5

418ab87151aa8cc0d1be8c970ee9a643
SHA1

07530245482a3608ffd5f5a9f57727fd8369ce18
SHA256

aea9844318657fccfe68a5a19724d743faaeb3ddad7e1d92bbd94c51f6e4ea88
SHA512

9a59fdf04957344f66c3b096db7f523e6aca20b4d0c15a74275f2c5ee20ae53e552d71e2b51c7a566f6ee8f698b565ff595c7b083ac597c34ee9a4d3c101bc4e
SSDEEP

49152:rumKvD9hRES8vF5DqW0wFJCr2lQMb9al+XNIegyreGviitRozKDpxPrs/NJlmfv0:Sme0u8JCrWJoLGvTomDe/lmfvwhONy

Score

8^/10

discovery evasion upx

Static task

static1

Behavioral task

behavioral1

Sample

Device/HarddiskVolume4/Program Files (x86)/UltraViewer/Update/UVUpdater.exe

Resource

win7-20230220-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

Device/HarddiskVolume4/Program Files (x86)/UltraViewer/Update/UVUpdater.exe

Resource

win10v2004-20230220-en

discovery evasion upx

windows10-2004-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  Device/HarddiskVolume4/Program Files (x86)/UltraViewer/Update/UVUpdater.exe
- Size
  
  3.7MB
- MD5
  
  5a25dc52d6248b6014d823a816dff477
- SHA1
  
  082044061f252e2d90fd0d8689b2eb72cba434ce
- SHA256
  
  8b2e4d77f99fe573244597dc8f1733656ee0ffb8ca6365d968af93f7f8943f56
- SHA512
  
  5737d372b480f335355056bd245cb8d65b7f77ab4058607aade7f6eeab9c388a2ba7d962acceb6fc65ed67cb7165f13796eb0c0615acfb698acb1e073576fcb7
- SSDEEP
  
  98304:I5zZ80gsEX+LjrKnRYgHFW2Ho7k7O5iN0BFCgvRRnf9ViPa:If80gsl3rKnTK5s0qg5Hca
Score

8^/10

evasion discovery upx
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2

discoveryevasionupx

© 2018-2024

Terms | Privacy