Overview

overview

9

Static

static

3

92eb323e02...5b.exe

windows7-x64

9

92eb323e02...5b.exe

windows10-2004-x64

9

Resubmissions

09-04-2024 13:37

240409-qwz1tsbf5w 7

09-04-2024 13:37

240409-qwzp3abf5v 7

09-04-2024 13:37

240409-qwy4jabf5t 9

09-04-2024 13:37

240409-qwyg1abf4z 8

05-03-2024 02:32

240305-c1nlpsch53 9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    92eb323e0240228429277748079975b5626bed0bf249ec53e7fa78c88ede0c5b.exe

  • Size

    1.8MB

  • Sample

    240305-c1nlpsch53

  • MD5

    f41c9e6ca239395e71bcf027987282dc

  • SHA1

    560a973e308f20e0dbe64a38eaeaa22285ced049

  • SHA256

    92eb323e0240228429277748079975b5626bed0bf249ec53e7fa78c88ede0c5b

  • SHA512

    cbf99c0e43b3a314ee6681f8655a269c0d51e4d40c10ea9c8571be30c5d69c0287c57be5b13e4fa7aecad7095efb4a741f1839dc9089251f41fa96f35011764a

  • SSDEEP

    24576:h7OEqlRKCYqoxOMto8enhtiQkbx6zWXXfKfzZn00Eze2aP4sjagjotkEz4RaZMjM:h7B50L7fiQ26zEXfId0vFaQgMh4pj

Score
9/10
persistenceupx

Malware Config

Targets

    • Target

      92eb323e0240228429277748079975b5626bed0bf249ec53e7fa78c88ede0c5b.exe

    • Size

      1.8MB

    • MD5

      f41c9e6ca239395e71bcf027987282dc

    • SHA1

      560a973e308f20e0dbe64a38eaeaa22285ced049

    • SHA256

      92eb323e0240228429277748079975b5626bed0bf249ec53e7fa78c88ede0c5b

    • SHA512

      cbf99c0e43b3a314ee6681f8655a269c0d51e4d40c10ea9c8571be30c5d69c0287c57be5b13e4fa7aecad7095efb4a741f1839dc9089251f41fa96f35011764a

    • SSDEEP

      24576:h7OEqlRKCYqoxOMto8enhtiQkbx6zWXXfKfzZn00Eze2aP4sjagjotkEz4RaZMjM:h7B50L7fiQ26zEXfId0vFaQgMh4pj

    Score
    9/10
    persistenceupx

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks