2e64d156602f4164d6b03e8ba24bcc6a0692eded957a9d5e91a290fb76eac206 | Triage

Sharing

General

Target

cf887221e7eb733bcf7639e7970aca22
Size

373KB
Sample

240317-be3m3aba5w
MD5

cf887221e7eb733bcf7639e7970aca22
SHA1

b0796719feef70f4fbe10bc3e95004e2c0bf1110
SHA256

2e64d156602f4164d6b03e8ba24bcc6a0692eded957a9d5e91a290fb76eac206
SHA512

412eaacd541fe9aec49452f021c421d93a766e3ad6840749dda7eed450e6fc8e6522575a2dd4b3fe63e2aa74fcf39e696bb2de8b45400bbc51ac39e9e95d2573
SSDEEP

6144:TAzF9RD/MHz2p5ZmwWPsEJ41SF5tKqECHWmXBShbfZzjHZ7fBQ0Q0Q:UFLDEypvmJsWrF5tKzmxSTjHpJRQ0Q

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  cf887221e7eb733bcf7639e7970aca22
- Size
  
  373KB
- MD5
  
  cf887221e7eb733bcf7639e7970aca22
- SHA1
  
  b0796719feef70f4fbe10bc3e95004e2c0bf1110
- SHA256
  
  2e64d156602f4164d6b03e8ba24bcc6a0692eded957a9d5e91a290fb76eac206
- SHA512
  
  412eaacd541fe9aec49452f021c421d93a766e3ad6840749dda7eed450e6fc8e6522575a2dd4b3fe63e2aa74fcf39e696bb2de8b45400bbc51ac39e9e95d2573
- SSDEEP
  
  6144:TAzF9RD/MHz2p5ZmwWPsEJ41SF5tKqECHWmXBShbfZzjHZ7fBQ0Q0Q:UFLDEypvmJsWrF5tKzmxSTjHpJRQ0Q
Score

7^/10

persistence upx
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2