813b88e46a8e6ebee2bd655368614a56f7b0d75a99a15802fde097ceecf42d87 | Triage

Submit
Reports

Overview

overview

Static

static

7

999b32b901...c5.exe

windows7-x64

999b32b901...c5.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

999b32b901fbad9e2e4a864f938dafc5
Size

342KB
Sample

240213-rc1cxsbf5z
MD5

999b32b901fbad9e2e4a864f938dafc5
SHA1

44885786cf1b8633a8649c9fdfda789f9aa8153c
SHA256

813b88e46a8e6ebee2bd655368614a56f7b0d75a99a15802fde097ceecf42d87
SHA512

d3fc5e823b2f4073524298b19521e66d373e602342abfddae043dcc376e3f7c26772ef3157425115e646200fe53182d504361078a8e81cca8a704ee4ea5cf1c9
SSDEEP

6144:ZPkmB08j8jNBghl1E2gLaI2sE9+vJA1V5y30cXWM6V8YYaxKxIa9+wCCut:+mBP8jNBco12ISH1m3ZG5Nt5c+wKt

Score

10^/10

persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

999b32b901fbad9e2e4a864f938dafc5.exe

Resource

win7-20231215-en

persistence upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

999b32b901fbad9e2e4a864f938dafc5.exe

Resource

win10v2004-20231222-en

persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  999b32b901fbad9e2e4a864f938dafc5
- Size
  
  342KB
- MD5
  
  999b32b901fbad9e2e4a864f938dafc5
- SHA1
  
  44885786cf1b8633a8649c9fdfda789f9aa8153c
- SHA256
  
  813b88e46a8e6ebee2bd655368614a56f7b0d75a99a15802fde097ceecf42d87
- SHA512
  
  d3fc5e823b2f4073524298b19521e66d373e602342abfddae043dcc376e3f7c26772ef3157425115e646200fe53182d504361078a8e81cca8a704ee4ea5cf1c9
- SSDEEP
  
  6144:ZPkmB08j8jNBghl1E2gLaI2sE9+vJA1V5y30cXWM6V8YYaxKxIa9+wCCut:+mBP8jNBco12ISH1m3ZG5Nt5c+wKt
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy