07e09240c8dcbd51bed62960fcb53e3bd5a5c577b4a7dba5338159ca063730c0 | Triage

Submit
Reports

Overview

overview

Static

static

3

ded64896de...57.exe

windows7-x64

ded64896de...57.exe

windows10-2004-x64

Sharing

General

Target

ded64896de4bc40231937ec25f9c0b57
Size

407KB
Sample

240326-lgpt4aaa91
MD5

ded64896de4bc40231937ec25f9c0b57
SHA1

df492040001cd7d1a43ba48a149eaeb5d4448be6
SHA256

07e09240c8dcbd51bed62960fcb53e3bd5a5c577b4a7dba5338159ca063730c0
SHA512

ab1a7e33279983108f52cd0189f6ba9cf47654452ec95873d42c2d5eda2c614f7f76fc203894333459041b56801035ad31279911ec16985b35e38489dbac63a2
SSDEEP

12288:Cg0Cq6x4aIhpJIew5rzWZfb6YkOVYGXKmRjVNw:CyfsJezoxkOVim

Score

10^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ded64896de4bc40231937ec25f9c0b57.exe

Resource

win7-20240221-en

persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ded64896de4bc40231937ec25f9c0b57.exe

Resource

win10v2004-20231215-en

persistence upx

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  ded64896de4bc40231937ec25f9c0b57
- Size
  
  407KB
- MD5
  
  ded64896de4bc40231937ec25f9c0b57
- SHA1
  
  df492040001cd7d1a43ba48a149eaeb5d4448be6
- SHA256
  
  07e09240c8dcbd51bed62960fcb53e3bd5a5c577b4a7dba5338159ca063730c0
- SHA512
  
  ab1a7e33279983108f52cd0189f6ba9cf47654452ec95873d42c2d5eda2c614f7f76fc203894333459041b56801035ad31279911ec16985b35e38489dbac63a2
- SSDEEP
  
  12288:Cg0Cq6x4aIhpJIew5rzWZfb6YkOVYGXKmRjVNw:CyfsJezoxkOVim
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy