549f2fccde9407dcb7f3bf0a88031f6183955924118de52d2c79f875ba0d03ea | Triage

Submit
Reports

Overview

overview

8

Static

static

3

f8ef3e3b18...6c.exe

windows7-x64

8

f8ef3e3b18...6c.exe

windows10-2004-x64

8

Sharing

General

Target

6bb40ed95f770955ea7cf27e4785612e.bin
Size

310KB
Sample

230602-b97khahd27
MD5

53500665743c310499d479efaaa5803a
SHA1

e8384f015a631524dfa4e181c4082c239a07a518
SHA256

549f2fccde9407dcb7f3bf0a88031f6183955924118de52d2c79f875ba0d03ea
SHA512

ce4404f0c7ae3fc0b5e8f00c31576d9b76206efc922bef123f172c25aaa1b88fc849ca205c14e4c3b5d093d90e96f668286feefa6c43a5e19858491504fb5cd8
SSDEEP

6144:7f7PCC5hwDaqod68d7+Jj6T4UcLnv9uvboxCMEk/H5pAhWIMZw:7fDCEh6sd6G34UczvrgRk/ZpOWIMa

Score

8^/10

dave persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f8ef3e3b18e72eebb4b18edbc90f7f5851ab0af044473fa2856fc974f0c33d6c.exe

Resource

win7-20230220-en

dave persistence upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f8ef3e3b18e72eebb4b18edbc90f7f5851ab0af044473fa2856fc974f0c33d6c.exe

Resource

win10v2004-20230220-en

dave persistence upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  f8ef3e3b18e72eebb4b18edbc90f7f5851ab0af044473fa2856fc974f0c33d6c.exe
- Size
  
  533KB
- MD5
  
  6bb40ed95f770955ea7cf27e4785612e
- SHA1
  
  db93260f6bdeb2321fd73019af3d6182c97fd2c5
- SHA256
  
  f8ef3e3b18e72eebb4b18edbc90f7f5851ab0af044473fa2856fc974f0c33d6c
- SHA512
  
  e97a8aa76ebc4e473323cc8e7413fa8536ea57986f1fd4a45ec39bf3c86a817852fa2d9531c1bb622d0611d26e7afb970da9833220fc12b3170417718a1e12aa
- SSDEEP
  
  12288:NJsZ3dUdAz1aVlOsBfDtNK+UmDFZIdP03d0cMvNc:rsH6FvOYtNK+HrId03dEvS
Score

8^/10

dave persistence upx
- Dave packer
  Detects executable using a packer named 'Dave' by the community, based on a string at the end.
  dave
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

davepersistenceupx

behavioral2

davepersistenceupx

© 2018-2024

Terms | Privacy