eb3218febf123db48ce4b1c1e9b193d50e3756ee1d8353e5511399901cedfbe6 | Triage

Submit
Reports

Overview

overview

Static

static

7

afdc983a14...84.exe

windows7-x64

afdc983a14...84.exe

windows10-2004-x64

Sharing

General

Target

afdc983a14af2ea2ad81e132c0e36784
Size

618KB
Sample

240301-avl5ksha47
MD5

afdc983a14af2ea2ad81e132c0e36784
SHA1

efff0f2da5033dcbf0916b6e8e37ed9ac7afc78a
SHA256

eb3218febf123db48ce4b1c1e9b193d50e3756ee1d8353e5511399901cedfbe6
SHA512

2e662743ef31e6f167606621a495d4c02ea49c1f23e28781189e37cdc09e0add83b910a400808d3943e69eab143a6642f1b81a26891a1f56aaf562f70b7bdea6
SSDEEP

12288:DqjENgTj2zya6WUAz0mjvFsUSd8uONjFL+KTKSPswmadW4kJQXRD:DRLUs0m7OzuuOOKTfPBkiBD

Score

10^/10

persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

afdc983a14af2ea2ad81e132c0e36784.exe

Resource

win7-20240220-en

persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

afdc983a14af2ea2ad81e132c0e36784.exe

Resource

win10v2004-20240226-en

persistence upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  afdc983a14af2ea2ad81e132c0e36784
- Size
  
  618KB
- MD5
  
  afdc983a14af2ea2ad81e132c0e36784
- SHA1
  
  efff0f2da5033dcbf0916b6e8e37ed9ac7afc78a
- SHA256
  
  eb3218febf123db48ce4b1c1e9b193d50e3756ee1d8353e5511399901cedfbe6
- SHA512
  
  2e662743ef31e6f167606621a495d4c02ea49c1f23e28781189e37cdc09e0add83b910a400808d3943e69eab143a6642f1b81a26891a1f56aaf562f70b7bdea6
- SSDEEP
  
  12288:DqjENgTj2zya6WUAz0mjvFsUSd8uONjFL+KTKSPswmadW4kJQXRD:DRLUs0m7OzuuOOKTfPBkiBD
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy