63f12f4bf0e169fb16f99e02ccd4242c435e5fa4103fd96f37cce1982f200c3e | Triage

Submit
Reports

Overview

overview

Static

static

7

63f12f4bf0...3e.exe

windows7-x64

63f12f4bf0...3e.exe

windows10-2004-x64

Sharing

General

Target

63f12f4bf0e169fb16f99e02ccd4242c435e5fa4103fd96f37cce1982f200c3e
Size

21KB
Sample

240507-1wjc7aaa4s
MD5

215b750f5dd4ae4a4719ed47d167efb8
SHA1

1bf6746df699e25a0a9bb756785f0aae7fb9ec65
SHA256

63f12f4bf0e169fb16f99e02ccd4242c435e5fa4103fd96f37cce1982f200c3e
SHA512

684ed443ffc4c86689388fbd14880e6ada066b0f04b5849952863ef5dfb5189ded342be956da3fffc04965e1a90be545a3c26217272630e2cfb4a0a8794af9d7
SSDEEP

384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX8Mb7a6y:rRkiLw3HsDSARGG/MMb7ry

Score

10^/10

evasion persistence trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

63f12f4bf0e169fb16f99e02ccd4242c435e5fa4103fd96f37cce1982f200c3e.exe

Resource

win7-20240221-en

evasion persistence trojan upx

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

63f12f4bf0e169fb16f99e02ccd4242c435e5fa4103fd96f37cce1982f200c3e.exe

Resource

win10v2004-20240419-en

evasion persistence trojan upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  63f12f4bf0e169fb16f99e02ccd4242c435e5fa4103fd96f37cce1982f200c3e
- Size
  
  21KB
- MD5
  
  215b750f5dd4ae4a4719ed47d167efb8
- SHA1
  
  1bf6746df699e25a0a9bb756785f0aae7fb9ec65
- SHA256
  
  63f12f4bf0e169fb16f99e02ccd4242c435e5fa4103fd96f37cce1982f200c3e
- SHA512
  
  684ed443ffc4c86689388fbd14880e6ada066b0f04b5849952863ef5dfb5189ded342be956da3fffc04965e1a90be545a3c26217272630e2cfb4a0a8794af9d7
- SSDEEP
  
  384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX8Mb7a6y:rRkiLw3HsDSARGG/MMb7ry
Score

10^/10

evasion persistence trojan upx
- Windows security bypass
  evasion trojan
- Drops file in Drivers directory
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojanupx

behavioral2

evasionpersistencetrojanupx

© 2018-2025

Terms | Privacy