20ab2bf25167e915ec68d5723ee66077e2e78608ae8601634ca4d3a08ce2dd96 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

b4e765c3c0...37.exe

windows7-x64

7

b4e765c3c0...37.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

b4e765c3c083f58f6421450e49f4a137
Size

666KB
Sample

240305-rkeq7ahf28
MD5

b4e765c3c083f58f6421450e49f4a137
SHA1

5bdce39ff34d09ab97def70aff91b45b32208847
SHA256

20ab2bf25167e915ec68d5723ee66077e2e78608ae8601634ca4d3a08ce2dd96
SHA512

b9e12077f765afd482cb42aa65bfb991685cb79817ffdae36b5c59d69e6e0e6f3f504803381061d6fe4dd4d1bcb04d57d3f00bb91e5bf24d0814c02d6ce8cdff
SSDEEP

12288:PbDqEkMs4q48IAeP0PifTEurPbvdqJplapLWTICNIYPKMTWN4t4OAUw91zRwIMfA:PXbs48LeP0P8E6dclWLi26KGOqMwIMY

Score

7^/10

discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b4e765c3c083f58f6421450e49f4a137.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

b4e765c3c083f58f6421450e49f4a137.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  b4e765c3c083f58f6421450e49f4a137
- Size
  
  666KB
- MD5
  
  b4e765c3c083f58f6421450e49f4a137
- SHA1
  
  5bdce39ff34d09ab97def70aff91b45b32208847
- SHA256
  
  20ab2bf25167e915ec68d5723ee66077e2e78608ae8601634ca4d3a08ce2dd96
- SHA512
  
  b9e12077f765afd482cb42aa65bfb991685cb79817ffdae36b5c59d69e6e0e6f3f504803381061d6fe4dd4d1bcb04d57d3f00bb91e5bf24d0814c02d6ce8cdff
- SSDEEP
  
  12288:PbDqEkMs4q48IAeP0PifTEurPbvdqJplapLWTICNIYPKMTWN4t4OAUw91zRwIMfA:PXbs48LeP0P8E6dclWLi26KGOqMwIMY
Score

7^/10

discovery upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy