e649ce87615f6aa71e6713cfddcc2736ab30c76c3b7da88d78b80a8b206538b0 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

36f85fe754...90.exe

windows7-x64

7

36f85fe754...90.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

36f85fe754ebee9cd3c6f0c56e2e3d90
Size

367KB
Sample

231225-xv7slsbab6
MD5

36f85fe754ebee9cd3c6f0c56e2e3d90
SHA1

997484031062584ab6a720f40f56efec15c2c278
SHA256

e649ce87615f6aa71e6713cfddcc2736ab30c76c3b7da88d78b80a8b206538b0
SHA512

2140f859e2464cfe6580f101f875f366b92a31b9ebc949d51f22162c942d95f2cd13e43c280cbf954a285f7a5a4fe746bcb6a234d2b1b0cf25876bb980012bc1
SSDEEP

6144:df3ipYZsiZh1H9oFVFvJYVQl4HogAiKJ7/C6JHfrzczOAA0n7aESBxI3DsFFy7cb:xipYHh1H9o++9nzJ766JHfr2rSkIFFtB

Score

7^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

36f85fe754ebee9cd3c6f0c56e2e3d90.exe

Resource

win7-20231215-en

persistence upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

36f85fe754ebee9cd3c6f0c56e2e3d90.exe

Resource

win10v2004-20231215-en

persistence upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  36f85fe754ebee9cd3c6f0c56e2e3d90
- Size
  
  367KB
- MD5
  
  36f85fe754ebee9cd3c6f0c56e2e3d90
- SHA1
  
  997484031062584ab6a720f40f56efec15c2c278
- SHA256
  
  e649ce87615f6aa71e6713cfddcc2736ab30c76c3b7da88d78b80a8b206538b0
- SHA512
  
  2140f859e2464cfe6580f101f875f366b92a31b9ebc949d51f22162c942d95f2cd13e43c280cbf954a285f7a5a4fe746bcb6a234d2b1b0cf25876bb980012bc1
- SSDEEP
  
  6144:df3ipYZsiZh1H9oFVFvJYVQl4HogAiKJ7/C6JHfrzczOAA0n7aESBxI3DsFFy7cb:xipYHh1H9o++9nzJ766JHfr2rSkIFFtB
Score

7^/10

persistence upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy