9080cc2e284d68e776957ad12e86455458ead9ba34d8afebe7ee2cc5a7514c05 | Triage

Sharing

General

Target

9080cc2e284d68e776957ad12e86455458ead9ba34d8afebe7ee2cc5a7514c05
Size

73KB
Sample

231103-3fpalsbb3s
MD5

82eae0084a91983e3730b537982b0d82
SHA1

8dc1e8c5957bd1089036b5c0f5b6ba7ebe227354
SHA256

9080cc2e284d68e776957ad12e86455458ead9ba34d8afebe7ee2cc5a7514c05
SHA512

823e9a51c6109d1e0d2e561043694694a7657ee2d663059973a1cad3cb6be2e687a8cab2bfe436bc8762d228c878951c5784e2868a2f4325b2999071b6aabd27
SSDEEP

1536:awsdCFnE4Nz1/SXPtpoprAeDYxUfGYhK5O:awsAik1a4pGYhK5O

Score

10^/10

evasion trojan upx

Malware Config

Targets

- Target
  
  9080cc2e284d68e776957ad12e86455458ead9ba34d8afebe7ee2cc5a7514c05
- Size
  
  73KB
- MD5
  
  82eae0084a91983e3730b537982b0d82
- SHA1
  
  8dc1e8c5957bd1089036b5c0f5b6ba7ebe227354
- SHA256
  
  9080cc2e284d68e776957ad12e86455458ead9ba34d8afebe7ee2cc5a7514c05
- SHA512
  
  823e9a51c6109d1e0d2e561043694694a7657ee2d663059973a1cad3cb6be2e687a8cab2bfe436bc8762d228c878951c5784e2868a2f4325b2999071b6aabd27
- SSDEEP
  
  1536:awsdCFnE4Nz1/SXPtpoprAeDYxUfGYhK5O:awsAik1a4pGYhK5O
Score

10^/10

evasion trojan upx
- UAC bypass
  evasion trojan
- Blocklisted process makes network request
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojanupx