42cdb16f6dd64c4fec30c7a71960fe4d0015862c37e7b02c8dba5c0d68384c74 | Triage

Resubmissions

10-03-2024 18:36

240310-w82cbahh95 7

10-03-2024 18:35

240310-w8seeaac4z 7

13-02-2024 07:31

240213-jcg8cadh33 7

03-02-2024 13:32

240203-qsyctscghk 7

03-02-2024 10:01

240203-l2b4qsefh7 7

03-02-2024 09:24

240203-lc9cyagdbr 10

02-02-2024 17:56

240202-wh898seagm 7

02-02-2024 17:53

240202-wgcvmsbgg5 7

Sharing

General

Target

rufus-4.4.exe
Size

1.4MB
Sample

240202-wedn6adhgp
MD5

7a4662bb7f331d2252f3d949657d821d
SHA1

ad53fddfbcead7b3e6c322c0aad8c4a826bd4967
SHA256

42cdb16f6dd64c4fec30c7a71960fe4d0015862c37e7b02c8dba5c0d68384c74
SHA512

a1d111fc91cd470d36bd4640884b3550c6a4035e8c5bc5176dc9f67aa2ef8be6fc12956d0b351c272d8bb89646546dac868b32d1d1985dee86ffb6e971b14f3f
SSDEEP

24576:wOyBSB04yZT5Z6iqUbVEMs6MrhXlPrBnr/TwcEgzXIdVWLpuL94q:XgZT5ZSU1fUhXhrBnbTbaAIt

Score

7^/10

evasion trojan upx

Malware Config

Targets

- Target
  
  rufus-4.4.exe
- Size
  
  1.4MB
- MD5
  
  7a4662bb7f331d2252f3d949657d821d
- SHA1
  
  ad53fddfbcead7b3e6c322c0aad8c4a826bd4967
- SHA256
  
  42cdb16f6dd64c4fec30c7a71960fe4d0015862c37e7b02c8dba5c0d68384c74
- SHA512
  
  a1d111fc91cd470d36bd4640884b3550c6a4035e8c5bc5176dc9f67aa2ef8be6fc12956d0b351c272d8bb89646546dac868b32d1d1985dee86ffb6e971b14f3f
- SSDEEP
  
  24576:wOyBSB04yZT5Z6iqUbVEMs6MrhXlPrBnr/TwcEgzXIdVWLpuL94q:XgZT5ZSU1fUhXhrBnbTbaAIt
Score

7^/10

evasion trojan upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojanupx