ede9d62bc9c463f8f441b32d193db742316cd406a3554bee0d939cc378524168 | Triage

Submit
Reports

Overview

overview

Static

static

7

6757e80904...11.exe

windows7-x64

6757e80904...11.exe

windows10-2004-x64

Sharing

General

Target

6757e809044258876444adfd573ba511
Size

373KB
Sample

240119-l5hexsbfdr
MD5

6757e809044258876444adfd573ba511
SHA1

eb65cc7841af1c892847719c685ab8e086427f39
SHA256

ede9d62bc9c463f8f441b32d193db742316cd406a3554bee0d939cc378524168
SHA512

5c3a6ed71c5502d950c81ea12b6bacb80cbb5e8d06d19a456f9c2559a20ca334b3917e51094e80f5ae721fb78ceb151353a185d41ef05384ee898fc760c50a3d
SSDEEP

6144:MlZ/zUMu4pDSxsCMRzf7x3SfS1JAzXBtL76lKgJG:MHLUMuiv9RgfSjAzRtyE

Score

10^/10

evasion persistence upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

6757e809044258876444adfd573ba511.exe

Resource

win7-20231215-en

evasion persistence upx

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

6757e809044258876444adfd573ba511.exe

Resource

win10v2004-20231215-en

evasion persistence upx

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  6757e809044258876444adfd573ba511
- Size
  
  373KB
- MD5
  
  6757e809044258876444adfd573ba511
- SHA1
  
  eb65cc7841af1c892847719c685ab8e086427f39
- SHA256
  
  ede9d62bc9c463f8f441b32d193db742316cd406a3554bee0d939cc378524168
- SHA512
  
  5c3a6ed71c5502d950c81ea12b6bacb80cbb5e8d06d19a456f9c2559a20ca334b3917e51094e80f5ae721fb78ceb151353a185d41ef05384ee898fc760c50a3d
- SSDEEP
  
  6144:MlZ/zUMu4pDSxsCMRzf7x3SfS1JAzXBtL76lKgJG:MHLUMuiv9RgfSjAzRtyE
Score

10^/10

evasion persistence upx
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Sets file execution options in registry
  persistence
- Modifies system executable filetype association
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Event Triggered Execution

Change Default File Association

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

evasionpersistenceupx

© 2018-2024

Terms | Privacy