03a1b8ef1c2b1eaade2fa0e0b670859a994420506183d3ac74e38523024ac797 | Triage

Sharing

General

Target

03a1b8ef1c2b1eaade2fa0e0b670859a994420506183d3ac74e38523024ac797
Size

277KB
Sample

240212-yaxbtach35
MD5

6a5f8282e702d1a951b15aae8e5d13a3
SHA1

833e8d434e2c3629c7b5f6bc6ce18f91f664ffe2
SHA256

03a1b8ef1c2b1eaade2fa0e0b670859a994420506183d3ac74e38523024ac797
SHA512

1456e1c3381da2171cc8e5940ba0ae3c379d8821d4671916e2ea065d3f35a9602bff54aef58a8b7eac055103331daec90a4badb690570133709dbc9982596806
SSDEEP

6144:AAkl/DvNC3dMnB++CuBV+UdvrEFp7hK6h:AAklbvE+B++CuBjvrEH7th

Score

8^/10

persistence upx

Malware Config

Targets

- Target
  
  03a1b8ef1c2b1eaade2fa0e0b670859a994420506183d3ac74e38523024ac797
- Size
  
  277KB
- MD5
  
  6a5f8282e702d1a951b15aae8e5d13a3
- SHA1
  
  833e8d434e2c3629c7b5f6bc6ce18f91f664ffe2
- SHA256
  
  03a1b8ef1c2b1eaade2fa0e0b670859a994420506183d3ac74e38523024ac797
- SHA512
  
  1456e1c3381da2171cc8e5940ba0ae3c379d8821d4671916e2ea065d3f35a9602bff54aef58a8b7eac055103331daec90a4badb690570133709dbc9982596806
- SSDEEP
  
  6144:AAkl/DvNC3dMnB++CuBV+UdvrEFp7hK6h:AAklbvE+B++CuBjvrEH7th
Score

8^/10

persistence upx
- Modifies AppInit DLL entries
  persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2