49c249398b22c79efbea02dea714b2077fa5b03973ea518f687dce77225857d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46e5e8be4b71f957c798da2eb2e8cd24
Size

550KB
Sample

231226-ayh74agae5
MD5

46e5e8be4b71f957c798da2eb2e8cd24
SHA1

762635519ab08dcfadc94250c6bacac7ebf6cb00
SHA256

49c249398b22c79efbea02dea714b2077fa5b03973ea518f687dce77225857d2
SHA512

86eaecbe82ff172b275b1edf5d3a764f9c63c3229ec78f6e809246f96b1f2b1ef158017652e4cb819dbb2aa849c900d4d89daa599118fac745f7c44d78a0aebc
SSDEEP

6144:WWmjC+vq7S8hQOF2KciR0WkRHN/Xn93SvPbfZRWi9omPtH0yW3V+ZaNPV8UbP61U:pKqG2QeRQN/npSvPjnPFHzW3OaS

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  46e5e8be4b71f957c798da2eb2e8cd24
- Size
  
  550KB
- MD5
  
  46e5e8be4b71f957c798da2eb2e8cd24
- SHA1
  
  762635519ab08dcfadc94250c6bacac7ebf6cb00
- SHA256
  
  49c249398b22c79efbea02dea714b2077fa5b03973ea518f687dce77225857d2
- SHA512
  
  86eaecbe82ff172b275b1edf5d3a764f9c63c3229ec78f6e809246f96b1f2b1ef158017652e4cb819dbb2aa849c900d4d89daa599118fac745f7c44d78a0aebc
- SSDEEP
  
  6144:WWmjC+vq7S8hQOF2KciR0WkRHN/Xn93SvPbfZRWi9omPtH0yW3V+ZaNPV8UbP61U:pKqG2QeRQN/npSvPjnPFHzW3OaS
Score

7^/10

persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2