5fd93568cca77dd27586dc4a1e0f02f59ec64e6807ee5e72aa04ae4d2bae2338

Resubmissions

09/04/2024, 12:34

240409-przzlaac8s 8

09/04/2024, 12:26

09/04/2024, 12:26

09/04/2024, 12:26

09/04/2024, 12:26

Sharing

Copy URL Twitter E-mail

General

Target

5fd93568cca77dd27586dc4a1e0f02f59ec64e6807ee5e72aa04ae4d2bae2338
Size

2.0MB
Sample

240409-pmnqrseg88
MD5

800254df6a58674f74dad3b0b17567e9
SHA1

7b9d9ca917a8ea5d62e00b80b621ee20e477ee25
SHA256

5fd93568cca77dd27586dc4a1e0f02f59ec64e6807ee5e72aa04ae4d2bae2338
SHA512

443079d87dea5c4c8275a11e140eb175ad60698fd56f911313aafeab3f55d30c6b4f153b2850fd09adff492a81d3187775fda9c4ac7c6f4aa8cf4605c4f83b0e
SSDEEP

49152:cvYYta34BRM4SHK9WIaI5X3r/qTYMp1WWENpf0T26H0/:CYYYooq9WIT3uTZpsNf0680

Score

10^/10

persistence upx

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
mypocket.gr
Port:
21
Username:
[email protected]
Password:
grapsas1113

Extracted

Credentials

Protocol: ftp
Host:
chesscup.org
Port:
21
Username:
[email protected]

Targets

- Target
  
  5fd93568cca77dd27586dc4a1e0f02f59ec64e6807ee5e72aa04ae4d2bae2338
- Size
  
  2.0MB
- MD5
  
  800254df6a58674f74dad3b0b17567e9
- SHA1
  
  7b9d9ca917a8ea5d62e00b80b621ee20e477ee25
- SHA256
  
  5fd93568cca77dd27586dc4a1e0f02f59ec64e6807ee5e72aa04ae4d2bae2338
- SHA512
  
  443079d87dea5c4c8275a11e140eb175ad60698fd56f911313aafeab3f55d30c6b4f153b2850fd09adff492a81d3187775fda9c4ac7c6f4aa8cf4605c4f83b0e
- SSDEEP
  
  49152:cvYYta34BRM4SHK9WIaI5X3r/qTYMp1WWENpf0T26H0/:CYYYooq9WIT3uTZpsNf0680
Score

10^/10

persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Extracted

Targets

UPX packed file

Adds Run key to start application

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4