e82e133b5ee167a73e626f133cbde918bb3a3753946c9c7809d9d89020be8d76 | Triage

Submit
Reports

Overview

overview

Static

static

3

de7eeb4fe9...ee.exe

windows7-x64

de7eeb4fe9...ee.exe

windows10-2004-x64

Sharing

General

Target

de7eeb4fe94f3780069e65235e6f21ee
Size

324KB
Sample

240325-vgwgbade38
MD5

de7eeb4fe94f3780069e65235e6f21ee
SHA1

0de2272549162fec81f59a0a8e915a0a9ac79b60
SHA256

e82e133b5ee167a73e626f133cbde918bb3a3753946c9c7809d9d89020be8d76
SHA512

dec6b609b7364728bb33d4200ce202b3e6781d9a97e06baf18370b4ca2d6476c994d0cda61d73f650537fc7f69bd203b6238eb085ca05e532fb3920aee53238d
SSDEEP

3072:yDGhJvwtLiiJPH1Q19f4tZMQflYPNLK8VZQ3oe978H0fQeQC8gOTc4asFHDz+2Rf:Nw+9sfofH4aCAUsFHDNO8eyifrru

Score

10^/10

evasion persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

de7eeb4fe94f3780069e65235e6f21ee.exe

Resource

win7-20240221-en

evasion persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

de7eeb4fe94f3780069e65235e6f21ee.exe

Resource

win10v2004-20240226-en

evasion persistence upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  de7eeb4fe94f3780069e65235e6f21ee
- Size
  
  324KB
- MD5
  
  de7eeb4fe94f3780069e65235e6f21ee
- SHA1
  
  0de2272549162fec81f59a0a8e915a0a9ac79b60
- SHA256
  
  e82e133b5ee167a73e626f133cbde918bb3a3753946c9c7809d9d89020be8d76
- SHA512
  
  dec6b609b7364728bb33d4200ce202b3e6781d9a97e06baf18370b4ca2d6476c994d0cda61d73f650537fc7f69bd203b6238eb085ca05e532fb3920aee53238d
- SSDEEP
  
  3072:yDGhJvwtLiiJPH1Q19f4tZMQflYPNLK8VZQ3oe978H0fQeQC8gOTc4asFHDz+2Rf:Nw+9sfofH4aCAUsFHDNO8eyifrru
Score

10^/10

evasion persistence upx
- Modifies firewall policy service
  evasion
- Adds policy Run key to start application
  persistence
- Modifies Installed Components in the registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

evasionpersistenceupx

© 2018-2025

Terms | Privacy