e70dc307eaf88429650359397c74ae88663df1cfc05b8e97f80d0bad758986ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

winupas.exe
Size

177KB
Sample

230826-x7rl6aee7z
MD5

6dab0adacbf99a4870eea3ba5e50203c
SHA1

b674453f925202773462ce00499fdb6a9cfe9484
SHA256

e70dc307eaf88429650359397c74ae88663df1cfc05b8e97f80d0bad758986ee
SHA512

cc96a17601b74869b34c08eef7a36376b7889b94f89ae0de4b3c1f07828f9d126250bd2b6c66b1a925faf77d27ba7f0c8001488bfab8d400709e6d820e35c012
SSDEEP

3072:nqn8swZo+N1kF56rwOixLuY3I4NkxDVXflF2FIPy:qn8swZo+7183LuVXflF2F

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  winupas.exe
- Size
  
  177KB
- MD5
  
  6dab0adacbf99a4870eea3ba5e50203c
- SHA1
  
  b674453f925202773462ce00499fdb6a9cfe9484
- SHA256
  
  e70dc307eaf88429650359397c74ae88663df1cfc05b8e97f80d0bad758986ee
- SHA512
  
  cc96a17601b74869b34c08eef7a36376b7889b94f89ae0de4b3c1f07828f9d126250bd2b6c66b1a925faf77d27ba7f0c8001488bfab8d400709e6d820e35c012
- SSDEEP
  
  3072:nqn8swZo+N1kF56rwOixLuY3I4NkxDVXflF2FIPy:qn8swZo+7183LuVXflF2F
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2