ebfc328a1ccee1f7035d43ab4948f4f9bfef02c5d2b328c0df80f8203bf417a8 | Triage

Submit
Reports

Overview

overview

Static

static

ebfc328a1c...a8.exe

windows7-x64

9

ebfc328a1c...a8.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

ebfc328a1ccee1f7035d43ab4948f4f9bfef02c5d2b328c0df80f8203bf417a8
Size

616KB
Sample

240327-b8hvrahf59
MD5

ea3da0c95ee2e9ef3a7e9db4433dd78a
SHA1

0b08c605684208be75e58a5199c20e001bdb8676
SHA256

ebfc328a1ccee1f7035d43ab4948f4f9bfef02c5d2b328c0df80f8203bf417a8
SHA512

c70f97a4777f16c9561c285f46cbe37ac078d80aba82488ffe77cd09f895046741e48e34a493d18a3824710f975d177bc089b6513193d2f6e5c54ef5d999a47e
SSDEEP

12288:wlbd+Baplw9U+qMi8CtdVldusIh6BBHCHrKZXCktSzIzWpX5y:Wbd+oYTqMi8CtBd2QHCHmTBW5y

Score

10^/10

persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ebfc328a1ccee1f7035d43ab4948f4f9bfef02c5d2b328c0df80f8203bf417a8.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

ebfc328a1ccee1f7035d43ab4948f4f9bfef02c5d2b328c0df80f8203bf417a8.exe

Resource

win10v2004-20240319-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  ebfc328a1ccee1f7035d43ab4948f4f9bfef02c5d2b328c0df80f8203bf417a8
- Size
  
  616KB
- MD5
  
  ea3da0c95ee2e9ef3a7e9db4433dd78a
- SHA1
  
  0b08c605684208be75e58a5199c20e001bdb8676
- SHA256
  
  ebfc328a1ccee1f7035d43ab4948f4f9bfef02c5d2b328c0df80f8203bf417a8
- SHA512
  
  c70f97a4777f16c9561c285f46cbe37ac078d80aba82488ffe77cd09f895046741e48e34a493d18a3824710f975d177bc089b6513193d2f6e5c54ef5d999a47e
- SSDEEP
  
  12288:wlbd+Baplw9U+qMi8CtdVldusIh6BBHCHrKZXCktSzIzWpX5y:Wbd+oYTqMi8CtBd2QHCHmTBW5y
Score

9^/10

persistence
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy