General

  • Target: 148eb30b694644a8ae71bda30ee10888
  • Size: 849KB
  • Sample: 231224-11axlsaegp
  • MD5: 148eb30b694644a8ae71bda30ee10888
  • SHA1: ca7739e843869e73f3726b95c3c3e077673dd7ec
  • SHA256: 36dc696349f45e47f491d957b92b092c99c17ae8b83b9521a0da11cd09dfe61e
  • SHA512: 2a8b6a7779fb49c95ac87dec83deb4fca74331de8488c64cb045fe0c4dfd7a24be4aa0c1b0d9a870005b971e2b7e4587124399cf280ce6da58869b8bdba2844a
  • SSDEEP: 24576:zPEyJ1urb0erTaXLf7Q0/9BbBP8H8LjXL7PULTiCWVU2:zPQr4mTALjQi9Bb+cL7sviS2

Malware Config

Targets

    • Target: upx.exe
    • Size: 867KB
    • MD5: b1848038518955c15caa6eba3c64bef7
    • SHA1: 8dac9712cceba9cd9b3874f219d18c7de2f47264
    • SHA256: 0814abec2c729524a252f05e24b5762dca7db39e10e00d211d5afcf5177c2e44
    • SHA512: f1ada7296d4a6de071fda3b87d02b77ad57016406ccd02cebeaa3dd7d04fd7920dd838385d929deee5e1718eaa37e69ec4a13a2054bb66029193375ce9e645be
    • SSDEEP: 24576:4Z0OH0U23U4Lgk/gR+lNWszNcx4nhIoiC5LAmkzFk:4Z0A0UcgCgclcgNcuaoi0AmaF

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified variant of it.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

MITRE ATT&CK Enterprise v15

Tasks