64700929a962499a22aa113a9d65c52118ac590ccbb2bac32def207f6d6d90de | Triage

Submit
Reports

Overview

overview

Static

static

7

52134e3e35...56.exe

windows7-x64

52134e3e35...56.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

52134e3e35b9282f2eed10036d4ce956
Size

521KB
Sample

240111-a2vejabcdp
MD5

52134e3e35b9282f2eed10036d4ce956
SHA1

4db1297cac639c00daf13b011f365b66044399e1
SHA256

64700929a962499a22aa113a9d65c52118ac590ccbb2bac32def207f6d6d90de
SHA512

d611b384f001bf78d12e8e38224b4270b7890d47874023c4e6d8d427ea541a0717efca86d8b2dd50ec5f7bfda344e238c55bc8a025b62e969aff756fbed4436e
SSDEEP

6144:Jrpg/tzZfgqrIRAZCqcWP12MZkL5E0T11gkizxbQFLyKDQ3rG3eRJkSh5lQR:Jrpyz2qrIPq3XZkLWigfYLypq3eRJJbk

Score

10^/10

evasion upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

52134e3e35b9282f2eed10036d4ce956.exe

Resource

win7-20231215-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

52134e3e35b9282f2eed10036d4ce956.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  52134e3e35b9282f2eed10036d4ce956
- Size
  
  521KB
- MD5
  
  52134e3e35b9282f2eed10036d4ce956
- SHA1
  
  4db1297cac639c00daf13b011f365b66044399e1
- SHA256
  
  64700929a962499a22aa113a9d65c52118ac590ccbb2bac32def207f6d6d90de
- SHA512
  
  d611b384f001bf78d12e8e38224b4270b7890d47874023c4e6d8d427ea541a0717efca86d8b2dd50ec5f7bfda344e238c55bc8a025b62e969aff756fbed4436e
- SSDEEP
  
  6144:Jrpg/tzZfgqrIRAZCqcWP12MZkL5E0T11gkizxbQFLyKDQ3rG3eRJkSh5lQR:Jrpyz2qrIPq3XZkLWigfYLypq3eRJJbk
Score

10^/10

evasion upx
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy