8da6ee120b4c46531a4daa180bb5df3964e817407e941c8cc6aeffbab923ef38

Sharing

Copy URL

Twitter E-mail

General

Target

dd910f0aa607457c4fce1e01054efc0a08bf3b1c1288e9f3475468d2be763cb0.zip.zip
Size

2.8MB
Sample

231107-r6mzpacb93
MD5

13f284d430573389f41e0f1ccb9962e3
SHA1

1f8a4cd18ca0e937cab366361e214d5ec1ff27a4
SHA256

8da6ee120b4c46531a4daa180bb5df3964e817407e941c8cc6aeffbab923ef38
SHA512

60da83e077ac053e708498a8893b44151226c448adc069b1215f016b23c320001f25043b46efa4e3afd08426cf16987f383791c13a445b1946491e92a129cebf
SSDEEP

49152:pxoNhRGSR4LID9HGZJjSMT7pUqPyRP40xqQtnG5kg8YX:px0RekDlGv+ClLyRPhxt/YX

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  Serv-U/MSVCP71.DLL
- Size
  
  488KB
- MD5
  
  561fa2abb31dfa8fab762145f81667c2
- SHA1
  
  c8ccb04eedac821a13fae314a2435192860c72b8
- SHA256
  
  df96156f6a548fd6fe5672918de5ae4509d3c810a57bffd2a91de45a3ed5b23b
- SHA512
  
  7d960aa8e3cce22d63a6723d7f00c195de7de83b877eca126e339e2d8cc9859e813e05c5c0a5671a75bb717243e9295fd13e5e17d8c6660eb59f5baee63a7c43
- SSDEEP
  
  12288:fJzxYPVsBnxO/R7krZhUgiW6QR7t5k3Ooc8iHkC2eq:fZxvBnxOJ7ki3Ooc8iHkC2e
Score

3^/10
behavioral1 behavioral2
- Target
  
  Serv-U/MSVCR71.DLL
- Size
  
  340KB
- MD5
  
  86f1895ae8c5e8b17d99ece768a70732
- SHA1
  
  d5502a1d00787d68f548ddeebbde1eca5e2b38ca
- SHA256
  
  8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe
- SHA512
  
  3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da
- SSDEEP
  
  6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E
Score

3^/10
behavioral3 behavioral4
- Target
  
  Serv-U/RhinoNET.dll
- Size
  
  100KB
- MD5
  
  fd0d212ac0b1ca69863967cb2b038586
- SHA1
  
  01fd56785d9e384af658df55fb168ffc895cb225
- SHA256
  
  d029921c3765fff819ba17d3097b9328c98f6819ee14b83702b37d0dea9bab2c
- SHA512
  
  2f66b32fb2a1bc43c71a39f714c523c922b8b13809b4e0bbdcac1a149a5d889032945cf3acf40548eb35599e4e825d87155080c08a2f4cc74701c37caabb5cec
- SSDEEP
  
  1536:hApSE6C7cFP6RDXa8albve1/xaT6F/BrNQkt8LZBVrM8tr:hAAkcF+Da86vSJaTPoYPrM8
Score

3^/10
behavioral5 behavioral6
- Target
  
  Serv-U/ServUAdmin.exe
- Size
  
  2.5MB
- MD5
  
  a1ce91003dab3490819f6c843e47077a
- SHA1
  
  a47333bbf7b59ea85a7dff63d0ae0cb5a1e8c21d
- SHA256
  
  89bcd46ae90b05d7b95f184b6cacd13e0be815140f92e35e52d3806f5457885c
- SHA512
  
  7903007c5e48b98dba4d564b9875cff53bda8d08861b005e194662bcd5d7f8b5a68ad39df4f6d99d81305f539f39234a67568b00adbe920014441cf19651d6f4
- SSDEEP
  
  49152:9PwrHFdwu54mXX2MUUKIUFtoaBQriFhV9o1TB5NYUgQAJv8gcZDL:mT5HXXIZHol6Ug4L
Score

1^/10
behavioral7 behavioral8
- Target
  
  Serv-U/ServUDaemon.exe
- Size
  
  299KB
- MD5
  
  f915567a70c18f2124d7825d691ed2ef
- SHA1
  
  d0edca33cea8be02fd874389d637ab23fc05010a
- SHA256
  
  18b6bec83992cc62d97ea016a3a3aa56a690fc3314a70da095678919140ea0bf
- SHA512
  
  32f6123b3f372f49015b0de93c1be0e16b6de65f597652d5cfda092c333aac7f025ea5f70c008c1cb85304c385269e0f9dbbde22881ebe1d8630047a462fec23
- SSDEEP
  
  6144:T00L77e1r3+YrxZJWVGTp5Ohoq5P/W8XaMPlmwGlBndJrfnSx6dGUJX:TxL7+TdWUpCoq5nHXAplBdBJT
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  Serv-U/ServUPerfCount.dll
- Size
  
  60KB
- MD5
  
  8cf7d383f9b20be9ba8e8ec2bd1518c7
- SHA1
  
  1c4b38055d7490cb2fb5e9d09600089bf84cfad5
- SHA256
  
  3f1c1eda9df77e5f2439ddecb91357fb43e7911d2d3f6ffc2c70d93b047c33ba
- SHA512
  
  4419cc45686d8684bea2f05a57412cb7b3872aeee745dd01345c9dbbe8ff571d0221b5485721eb6fe49fb3e6a1c8dabacab44553b56ee12fb71effd9242811c5
- SSDEEP
  
  768:wmlDyMsSL4YK1fzog/iyd1ELWvzTbladUvTt2M1jrlnGTT6U:F0MsSwRzog6qELIzTkKvTX9lGTT6
Score

1^/10
behavioral11 behavioral12
- Target
  
  Serv-U/ServUTray.exe
- Size
  
  64KB
- MD5
  
  cacb65942b401c7ae03b357288432002
- SHA1
  
  04d1f70dcc7f8077e0f97b0f77adb27f76d8fa53
- SHA256
  
  fe4376c5e29c31f39390dedef8722af2d394e9104419ec65e6947b9f8c0bdf3e
- SHA512
  
  3c77c0238fcd9774945ca482a507d2ed92d6b8e14e398318dc994b46867d4f6e52712ed91f61bd109a5a337974674d8bf7c0ed5fdbc9b20a260af2c3117257fe
- SSDEEP
  
  1536:DDR5D8dF2vc+tojgXBk13NB7N29R0rzj6FDL:Dz84toCBawgjkDL
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral13 behavioral14
- Target
  
  Serv-U/SetupUtil.exe
- Size
  
  244KB
- MD5
  
  4ff546fff9208ef15abd686e2cacbede
- SHA1
  
  3df25602ed4850bc059b873a77117277f11865f9
- SHA256
  
  bbd5f8414b562a9afb9becd39c63e8aa0e1f2d2d9e04c0ed99fa09b88f4be8e8
- SHA512
  
  cca982ff794032bf38c43fe85ef87bd0fe20fdc109f29782549d6d92827b403a04d5c3c3c6ece1a46c2dfc1d19c1683cf47427b6e97075f601b9683389791e95
- SSDEEP
  
  6144:XkNqiQhaADxQVrzQ3CNfvTWTsIhvCFVa:0NNMaADYniTw
Score

1^/10
behavioral15 behavioral16
- Target
  
  Serv-U/libeay32.dll
- Size
  
  988KB
- MD5
  
  925e945f54a57b13328b4d3b6b395345
- SHA1
  
  0d35af5b61d49200203a7eb7117b62030f2159f1
- SHA256
  
  183185485b3d99e5dd15f12d8c8870a813d2c2821f5194f6c8de06570afded0c
- SHA512
  
  3243d919a3faab18a81b7aff2eb81688d12c6fe2f9c993d76b904f063e50497cbeaba0d703aac894fd7c7457ab8f37cb8ea8d000ac4fd3c5dee8cd0f6f8523a4
- SSDEEP
  
  12288:D5pN+NVbf1xyzEwz2hNmFgEO366suMBdKI7JpO99btWLeBuvW6s:D53MQ6wFgj6Ip+pOfbme8O6s
Score

1^/10
behavioral17 behavioral18
- Target
  
  Serv-U/ssleay32.dll
- Size
  
  192KB
- MD5
  
  2d21ed3142f96ad4c098d5a5e22b4f64
- SHA1
  
  e3cf4824493f1c682c53085e33004dcec46e3dc8
- SHA256
  
  5a32cb011fa34addc8e33dd6e98840f29d98321e94450297cd91652d166edb43
- SHA512
  
  026a5619d323b4ce737b339a7f8cdf8785a7427d43656e426b1a0d06c29389b1e78380c3c6b3d398804699e51606b97375be0c488768057fcda94cfa775b565b
- SSDEEP
  
  3072:ygMd3fseT8FAjlrC2cSLCs25fCre5I2SujPIRfKjEUTeJgR7u9Ea3ASu1aVU:qjT4Ajlm2ZGsefCrQ5ARUExJgW3ASt
Score

1^/10
behavioral19 behavioral20
- Target
  
  Serv-U/zlib1.dll
- Size
  
  58KB
- MD5
  
  80e41408f6d641dc1c0f5353a0cc8125
- SHA1
  
  6d957ba632df5b06d49a901f2772df4301610a2a
- SHA256
  
  b09537250201236472ccd3caff5c0c12a5fad262e1e951350e9e5ed2a81d9dde
- SHA512
  
  857d4dc087c73f00d79bf70edfc67ddc0b15a86a4fff366d91e5ef6684af43eed7dcf8579f6b4fb35dedd090973e2bde1a82aae07642136b608eeb1d567e5c03
- SSDEEP
  
  1536:b/jUwfZ7BURaHUry7nToIfYIOlIO+CM6:1x7BURaHUrgTBfev+CM6
Score

3^/10
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22