25ae68cdffbc5665b2ab458aa70b6273445130f021088a7bdc08b7fdfcb94b77 | Triage

Sharing

General

Target

ap-file-vaultFile9081945144037048205.vol-873034707.zip
Size

105KB
Sample

240405-cdbnmahh47
MD5

0529b8d11702c1d6f13d61f82986eea0
SHA1

6ade799e18ec4a97c3d5eefa22324c9f3a1c63f0
SHA256

25ae68cdffbc5665b2ab458aa70b6273445130f021088a7bdc08b7fdfcb94b77
SHA512

a46931af14af53550540536ea6280b7c84ff6b4f676e13e04078476e2ca1cb9392cd64c3f2c3f76121816584d777e9de53f80b4d429b9d4063848cea069e3058
SSDEEP

3072:WhFBTHAedZav9xOsJqLnt4xb1j0gAsdhw7Y:0FBTHAeOusELnQRB8Y

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  vaultFile9081945144037048205.vol
- Size
  
  131KB
- MD5
  
  b0bcb1480c58dd7fca3c18f294ed0af7
- SHA1
  
  2970be435950fc4903843697018341a949cdf59a
- SHA256
  
  7670b172bd164ce649c108c62f0d24f4066501a24d61f20cb3dccace3e2ceb1c
- SHA512
  
  cc2455142e289c8497a168461fd2a98cc760492d218441879e3e2ce989bd041ecc1f87b18ae56a752db968e851418044d705ea9cdff01df0c321d02099df3aa3
- SSDEEP
  
  1536:mj2AwKrSEq7T6+TIyKECWQxK+oyEIXQ7+JLIzbPhwGsscat5DdPYMJp8UpM3cbdD:k2AwNex0AXQ7+crmy5PJp8+Dhxvg1+8U
Score

7^/10

persistence upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1