8d0afed27be60de5e3ffa950bba8610c37609323e518343f5f630784ccc01c93 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

4fef7b11ba...f5.exe

windows7-x64

7

4fef7b11ba...f5.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

4fef7b11ba5f6c1aa879258f949645f5
Size

172KB
Sample

240110-h7gpmacbb2
MD5

4fef7b11ba5f6c1aa879258f949645f5
SHA1

3af96d7032d7b531d2e4fd738454c67371f8632b
SHA256

8d0afed27be60de5e3ffa950bba8610c37609323e518343f5f630784ccc01c93
SHA512

ea386e254ac756d63fd960a6b29d6c062bb38edf86243d5deb46d91fb52a089c6af96e3bf2ddae9bc8f708b572521f4e8d8208e0db0a6a631de7baf44eecc6fd
SSDEEP

3072:oknDQKjWve2kd4PRDW8lJhrnB4K21ovQn+bQT8i7PBjoUZzulNQ3M:oknfWbPRDp8HWvQn+kftbzI

Score

7^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4fef7b11ba5f6c1aa879258f949645f5.exe

Resource

win7-20231215-en

persistence upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

4fef7b11ba5f6c1aa879258f949645f5.exe

Resource

win10v2004-20231222-en

persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  4fef7b11ba5f6c1aa879258f949645f5
- Size
  
  172KB
- MD5
  
  4fef7b11ba5f6c1aa879258f949645f5
- SHA1
  
  3af96d7032d7b531d2e4fd738454c67371f8632b
- SHA256
  
  8d0afed27be60de5e3ffa950bba8610c37609323e518343f5f630784ccc01c93
- SHA512
  
  ea386e254ac756d63fd960a6b29d6c062bb38edf86243d5deb46d91fb52a089c6af96e3bf2ddae9bc8f708b572521f4e8d8208e0db0a6a631de7baf44eecc6fd
- SSDEEP
  
  3072:oknDQKjWve2kd4PRDW8lJhrnB4K21ovQn+bQT8i7PBjoUZzulNQ3M:oknfWbPRDp8HWvQn+kftbzI
Score

7^/10

persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy