80c26f68b8a46af63f3ee4b35c8150f1710d7aaa1cf8e39cb5c94ec29e9b7c11 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

83dafce056...a5.exe

windows7-x64

7

83dafce056...a5.exe

windows10-2004-x64

7

Sharing

General

Target

83dafce0560e7493e6dae82c270131a5.exe
Size

394KB
Sample

240111-vh8s2acge8
MD5

83dafce0560e7493e6dae82c270131a5
SHA1

5fdfe162b399a315508a55535c5b1f31012e4f39
SHA256

80c26f68b8a46af63f3ee4b35c8150f1710d7aaa1cf8e39cb5c94ec29e9b7c11
SHA512

cf2a9c2db3ee19a17979d2b3e92103566a691d59af8f376a56fcc1df1be12a06d47d40c6df0a7e54db4e2575486fd481e95560813721440105e06ba49196e18e
SSDEEP

6144:9bpGtfoVtScw2RCgrzItQB2bpGtfoVtScw:TGtAtScw3qEKBYGtAtScw

Score

7^/10

persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

83dafce0560e7493e6dae82c270131a5.exe

Resource

win7-20231215-en

persistence upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

83dafce0560e7493e6dae82c270131a5.exe

Resource

win10v2004-20231215-en

persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  83dafce0560e7493e6dae82c270131a5.exe
- Size
  
  394KB
- MD5
  
  83dafce0560e7493e6dae82c270131a5
- SHA1
  
  5fdfe162b399a315508a55535c5b1f31012e4f39
- SHA256
  
  80c26f68b8a46af63f3ee4b35c8150f1710d7aaa1cf8e39cb5c94ec29e9b7c11
- SHA512
  
  cf2a9c2db3ee19a17979d2b3e92103566a691d59af8f376a56fcc1df1be12a06d47d40c6df0a7e54db4e2575486fd481e95560813721440105e06ba49196e18e
- SSDEEP
  
  6144:9bpGtfoVtScw2RCgrzItQB2bpGtfoVtScw:TGtAtScw3qEKBYGtAtScw
Score

7^/10

persistence upx
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy