cf21cf987a925f02c1f6910b82190448f0df5e863964462e5cf45b6af7b65992 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

54e81edcde...ed.exe

windows7-x64

7

54e81edcde...ed.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

54e81edcdee78e9569134d9f0edfdaed
Size

163KB
Sample

231226-fagx1sgcd9
MD5

54e81edcdee78e9569134d9f0edfdaed
SHA1

0e91a3b0ee87b13a846520b234b2a9852fb59caa
SHA256

cf21cf987a925f02c1f6910b82190448f0df5e863964462e5cf45b6af7b65992
SHA512

dbcd68d0f63b1a19c484a9c87923c3cc0d6787272af9d4d16d7d000a02f023db4c8d3231765e2c420f8812006e45e134fc23e45db5cee634ee307798f76313f7
SSDEEP

3072:feJTckE4vjYVC2skkkb7IhSMjwVhuprb3UYTyFXrV9N/:fJkE4vjjkkkbk40wVhup3kYGLN/

Score

7^/10

persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

54e81edcdee78e9569134d9f0edfdaed.exe

Resource

win7-20231215-en

persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

54e81edcdee78e9569134d9f0edfdaed.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  54e81edcdee78e9569134d9f0edfdaed
- Size
  
  163KB
- MD5
  
  54e81edcdee78e9569134d9f0edfdaed
- SHA1
  
  0e91a3b0ee87b13a846520b234b2a9852fb59caa
- SHA256
  
  cf21cf987a925f02c1f6910b82190448f0df5e863964462e5cf45b6af7b65992
- SHA512
  
  dbcd68d0f63b1a19c484a9c87923c3cc0d6787272af9d4d16d7d000a02f023db4c8d3231765e2c420f8812006e45e134fc23e45db5cee634ee307798f76313f7
- SSDEEP
  
  3072:feJTckE4vjYVC2skkkb7IhSMjwVhuprb3UYTyFXrV9N/:fJkE4vjjkkkbk40wVhup3kYGLN/
Score

7^/10

persistence upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy