20271ea1004880aec625f5940c9780c32cc754b7052e6c5d2b3a87499e44f026 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3ca822c0d8c1abffda67fcf6264336e
Size

59KB
Sample

240312-tpblfafd38
MD5

c3ca822c0d8c1abffda67fcf6264336e
SHA1

32abffa8b4417261823eeee9354b4cf5c8ebd0c3
SHA256

20271ea1004880aec625f5940c9780c32cc754b7052e6c5d2b3a87499e44f026
SHA512

6a925aaa90db7870c152904aa6e09d967756409615f496a122159de6817f6a50711b949e9223f1db89c209c7c8369b3443c66969808f9ff86da2f5933fb8cdd6
SSDEEP

768:b26UI4fCJG4GWL6ralWKeryCMC0rWIAbpAt2U4lg/8oDFcnxy9pwvbGAZnT6j+Ft:SS4OG86rmCMW1a0bxTYjW

Score

8^/10

evasion persistence upx

Malware Config

Targets

- Target
  
  c3ca822c0d8c1abffda67fcf6264336e
- Size
  
  59KB
- MD5
  
  c3ca822c0d8c1abffda67fcf6264336e
- SHA1
  
  32abffa8b4417261823eeee9354b4cf5c8ebd0c3
- SHA256
  
  20271ea1004880aec625f5940c9780c32cc754b7052e6c5d2b3a87499e44f026
- SHA512
  
  6a925aaa90db7870c152904aa6e09d967756409615f496a122159de6817f6a50711b949e9223f1db89c209c7c8369b3443c66969808f9ff86da2f5933fb8cdd6
- SSDEEP
  
  768:b26UI4fCJG4GWL6ralWKeryCMC0rWIAbpAt2U4lg/8oDFcnxy9pwvbGAZnT6j+Ft:SS4OG86rmCMW1a0bxTYjW
Score

8^/10

evasion persistence upx
- Disables RegEdit via registry modification
  evasion
- Deletes itself
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

evasionpersistenceupx