f256276c0af25e87b13a8c874bfa1e4ed3550aa17cab338b2c2a032ab50b37be | Triage

Submit
Reports

Overview

overview

Static

static

3

MeiqiaWinLatest.exe

windows7-x64

MeiqiaWinLatest.exe

windows10-1703-x64

MeiqiaWinLatest.exe

windows10-2004-x64

Sharing

General

Target

MeiqiaWinLatest.exe
Size

162.7MB
Sample

230828-essa2afe67
MD5

ac5307b8067f840e6c051cd455a76072
SHA1

080bccef6820955788c23b700a9dc2256f490ebc
SHA256

f256276c0af25e87b13a8c874bfa1e4ed3550aa17cab338b2c2a032ab50b37be
SHA512

24fb06453b8e056cc90c26041b195e37296974ec9f2723b77d1092872ebab6c0b71ddb95d364d1a852ebf586771feebfa1681ecfdb385d0c0e5d57a30b04361b
SSDEEP

3145728:NBt+6r/LUar8YAliZQgkSN680ZDjAVRIw5WC7R/YLtZME8ahgcAnHBnc2C:N/+6k4Z9kE6DGIRCV/ct+NarAnHxpC

Score

10^/10

evasion trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

MeiqiaWinLatest.exe

Resource

win7-20230712-en

evasion trojan upx

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral2

Sample

MeiqiaWinLatest.exe

Resource

win10-20230703-en

evasion trojan upx

windows10-1703-x64

16 signatures

150 seconds

Behavioral task

behavioral3

Sample

MeiqiaWinLatest.exe

Resource

win10v2004-20230824-en

evasion trojan upx

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  MeiqiaWinLatest.exe
- Size
  
  162.7MB
- MD5
  
  ac5307b8067f840e6c051cd455a76072
- SHA1
  
  080bccef6820955788c23b700a9dc2256f490ebc
- SHA256
  
  f256276c0af25e87b13a8c874bfa1e4ed3550aa17cab338b2c2a032ab50b37be
- SHA512
  
  24fb06453b8e056cc90c26041b195e37296974ec9f2723b77d1092872ebab6c0b71ddb95d364d1a852ebf586771feebfa1681ecfdb385d0c0e5d57a30b04361b
- SSDEEP
  
  3145728:NBt+6r/LUar8YAliZQgkSN680ZDjAVRIw5WC7R/YLtZME8ahgcAnHBnc2C:N/+6k4Z9kE6DGIRCV/ct+NarAnHxpC
Score

10^/10

evasion trojan upx
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojanupx

behavioral2

evasiontrojanupx

behavioral3

evasiontrojanupx

© 2018-2024

Terms | Privacy