71e85c02d04eb18278f2652ed30667dd24296d2b444cc5bffe4cb23aca38e74e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b643f53be31a8d4a5f34617af55cd7ff
Size

2.4MB
Sample

240306-cr16fahg24
MD5

b643f53be31a8d4a5f34617af55cd7ff
SHA1

aab5627bdfdb2aaa9d7e1d2d8926e03e2475c229
SHA256

71e85c02d04eb18278f2652ed30667dd24296d2b444cc5bffe4cb23aca38e74e
SHA512

5a576a71f4b06002f446caf4052465c3a9e538066af95394a0261eec7f992d7d24d62d0b35a6aa13bb1f89f54e603ab963188c4051fbf353bd2ba3296ad77230
SSDEEP

49152:69zad4D8o3lVQk1/iLa91FHfdLAr9rvlcPDnAXc0EyF+jlXkk2v+wmC:69zad4Dd3bNpiLa91FHfVg9rvlcPDWbd

Score

8^/10

persistence upx

Malware Config

Targets

- Target
  
  b643f53be31a8d4a5f34617af55cd7ff
- Size
  
  2.4MB
- MD5
  
  b643f53be31a8d4a5f34617af55cd7ff
- SHA1
  
  aab5627bdfdb2aaa9d7e1d2d8926e03e2475c229
- SHA256
  
  71e85c02d04eb18278f2652ed30667dd24296d2b444cc5bffe4cb23aca38e74e
- SHA512
  
  5a576a71f4b06002f446caf4052465c3a9e538066af95394a0261eec7f992d7d24d62d0b35a6aa13bb1f89f54e603ab963188c4051fbf353bd2ba3296ad77230
- SSDEEP
  
  49152:69zad4D8o3lVQk1/iLa91FHfdLAr9rvlcPDnAXc0EyF+jlXkk2v+wmC:69zad4Dd3bNpiLa91FHfVg9rvlcPDWbd
Score

8^/10

persistence upx
- Drops file in Drivers directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2