Overview

overview

10

Static

static

7

Lightroom_Set-Up.exe

windows11-21h2-x64

10

out.exe

windows11-21h2-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Lightroom_Set-Up.exe

  • Size

    3.0MB

  • Sample

    240311-sqzh8aab42

  • MD5

    b08acb09d628deefc3661d53879024cc

  • SHA1

    2bf63fe0a9d80f005761c50818c16db6b6127402

  • SHA256

    74ca0e628c79d64b8801b16abef652a0144011750b04b733a7493e6592445ab7

  • SHA512

    0dcdf411a35bee983b11d6450a377650a4f4802eac74b31556118f7792ca53202388b4bef35199e447e2f3a3af94ccb9f47ed268d3ce901fce36d44d91f283b5

  • SSDEEP

    49152:PZnCRw3438x0TVDKNxOafuUYUc9no2IWkAyf1CQ+v5XxCv6Px2i:PARw3UJKHOa/Xffs0S52i

Score
10/10
adobephishingupx

Malware Config

Targets

    • Target

      Lightroom_Set-Up.exe

    • Size

      3.0MB

    • MD5

      b08acb09d628deefc3661d53879024cc

    • SHA1

      2bf63fe0a9d80f005761c50818c16db6b6127402

    • SHA256

      74ca0e628c79d64b8801b16abef652a0144011750b04b733a7493e6592445ab7

    • SHA512

      0dcdf411a35bee983b11d6450a377650a4f4802eac74b31556118f7792ca53202388b4bef35199e447e2f3a3af94ccb9f47ed268d3ce901fce36d44d91f283b5

    • SSDEEP

      49152:PZnCRw3438x0TVDKNxOafuUYUc9no2IWkAyf1CQ+v5XxCv6Px2i:PARw3UJKHOa/Xffs0S52i

    Score
    10/10
    adobephishingupx

    • Detected adobe phishing page

      phishingadobe

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

    • Target

      out.upx

    • Size

      9.4MB

    • MD5

      dfbde94723f6fe0fd3f97d3734258b22

    • SHA1

      6c1edecdb27bcc60233645d7518abcb3576d604a

    • SHA256

      bc0d0943bdb627184f53b9193f848c07e3c2e1b8b40ddca8a8b789931d7057e8

    • SHA512

      46fa5be4ee53950c74a7fddbddb845e48513059ad703972a06ff55c15a03abefab56dd3c2e3f77072bbc68a694bc58d5c68fc79ae542e4f3a5509e55ba34e7db

    • SSDEEP

      98304:E506b6UVePVZDslFWaoNBm4BwoEOAXH7CvtwvMdBxn5R5dUYzhOUCZb/el:jYefDGFWXmucOAXuvVf+5

    Score
    3/10
    behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks