d27b91e3660871fb51f6926a32ea6d352a34c59256382a107eadf7134085643f | Triage

Submit
Reports

Overview

overview

8

Static

static

1

Device/Har...er.exe

windows7-x64

8

Device/Har...er.exe

windows10-2004-x64

8

Sharing

General

Target

UVUpdater.exe
Size

3.3MB
Sample

230716-jssn1seb81
MD5

d6b5275bb1cd849c06120cd78d81491a
SHA1

7626a0be513278f9f103d3eea323305c55281342
SHA256

d27b91e3660871fb51f6926a32ea6d352a34c59256382a107eadf7134085643f
SHA512

61e1289207a80f1419cba5a3e7045dd16d3bd297765f41660146741d5271dcd8260bbbf6bc3577f4925329340707a78a0a1dd69e3ca2c74720def195c8b116f1
SSDEEP

49152:Yq6uh6U3sBk0mvvoyxlJcQUbtKszF7CgSdlEZb0EEzRMPUJdFLK/KuToajA9EmBA:X6iX3sCoyxl1UxzeiZb3ILvFLKvoasKF

Score

8^/10

discovery evasion upx

Static task

static1

Behavioral task

behavioral1

Sample

Device/HarddiskVolume3/Program Files (x86)/UltraViewer/Update/UVUpdater.exe

Resource

win7-20230712-en

discovery evasion upx

windows7-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

Device/HarddiskVolume3/Program Files (x86)/UltraViewer/Update/UVUpdater.exe

Resource

win10v2004-20230703-en

discovery evasion upx

windows10-2004-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  Device/HarddiskVolume3/Program Files (x86)/UltraViewer/Update/UVUpdater.exe
- Size
  
  3.4MB
- MD5
  
  58c7835275c287ffa6aab23500b61ecb
- SHA1
  
  8d4ef999c7755423576bfcfd9092d4976f409c29
- SHA256
  
  81fb1f2231fc1956351a3ad690ffad177b8174f52d51518bd5333e9ce24cb042
- SHA512
  
  788a55c52b6b748e0f330c201a2cd65471265742b35f4672bf8183a338566212e8710bb6603501d6e76eeb7da263abb39bfaa0e1d1024b86212fb1a0d42d5394
- SSDEEP
  
  98304:H5zZ80gsEX+LjH24iPFna6KbgxZiZc7Xmhcf9ViPS:Hf80gsl3WLs6EZI2GFcS
Score

8^/10

discovery evasion upx
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionupx

behavioral2

discoveryevasionupx

© 2018-2025

Terms | Privacy