beb1c209e511b20fd914c2a55d557aab557535f46ef3e1ffd70e478e375c483a | Triage

Submit
Reports

Overview

overview

Static

static

1

TG-x64.msi

windows7-x64

TG-x64.msi

windows10-1703-x64

TG-x64.msi

windows10-2004-x64

Sharing

General

Target

TG-x64.msi
Size

85.0MB
Sample

230823-ghapcabe6y
MD5

f55bad2eb9042a2602b0ec3e85229a12
SHA1

3ab48b03629dfff4afb9a5a883e93e5a63011849
SHA256

beb1c209e511b20fd914c2a55d557aab557535f46ef3e1ffd70e478e375c483a
SHA512

8b9ebac68c158d6d7823e728afa0424c582ce31a13e928a90cd77ea1970daba5df2af7c211c3d9122ab06414b8b773af60fe9f294f61d7b3702ce0d2a9275ad0
SSDEEP

1572864:3CKa/mZuqQjEedKzR+X2JoqtK5vWcPTlXLquLznMOSRzqVMwa6uM5L6smN9IWO+B:3CKZuqQAedcsX1LlWcPThGGzPSRzZwo9

Score

10^/10

evasion trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

TG-x64.msi

Resource

win7-20230712-en

evasion trojan upx

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

TG-x64.msi

Resource

win10-20230703-en

evasion trojan upx

windows10-1703-x64

16 signatures

150 seconds

Behavioral task

behavioral3

Sample

TG-x64.msi

Resource

win10v2004-20230703-en

evasion trojan upx

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  TG-x64.msi
- Size
  
  85.0MB
- MD5
  
  f55bad2eb9042a2602b0ec3e85229a12
- SHA1
  
  3ab48b03629dfff4afb9a5a883e93e5a63011849
- SHA256
  
  beb1c209e511b20fd914c2a55d557aab557535f46ef3e1ffd70e478e375c483a
- SHA512
  
  8b9ebac68c158d6d7823e728afa0424c582ce31a13e928a90cd77ea1970daba5df2af7c211c3d9122ab06414b8b773af60fe9f294f61d7b3702ce0d2a9275ad0
- SSDEEP
  
  1572864:3CKa/mZuqQjEedKzR+X2JoqtK5vWcPTlXLquLznMOSRzqVMwa6uM5L6smN9IWO+B:3CKZuqQAedcsX1LlWcPThGGzPSRzZwo9
Score

10^/10

evasion trojan upx
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojanupx

behavioral2

evasiontrojanupx

behavioral3

evasiontrojanupx

© 2018-2024

Terms | Privacy