021e1b263839e2a27dc38a9ed0d84b78c81a299aeb2565d7dc8775365544275c | Triage

Submit
Reports

Overview

overview

Static

static

021e1b2638...5c.exe

windows7-x64

021e1b2638...5c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

021e1b263839e2a27dc38a9ed0d84b78c81a299aeb2565d7dc8775365544275c
Size

350KB
Sample

240512-ws2cdahf5z
MD5

f97a4295ad03eca377fd1fc568bbd5b8
SHA1

3829d7f26a2dc4194e925977e0abe8376e071e54
SHA256

021e1b263839e2a27dc38a9ed0d84b78c81a299aeb2565d7dc8775365544275c
SHA512

4689f638dc0a85eb07f541443a1a9ba6c3d7101b447d7c7b5e6eb139ada506b0fe0cec0af2c10339683ed1e91cf03eaf0553bc2d8b57e324f02f87180b838a32
SSDEEP

6144:6YRw73tpHVILifyeYVDcfflXpX6LRifyeYVDc:WDHyefyeYCdXpXZfyeY

Score

10^/10

persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

021e1b263839e2a27dc38a9ed0d84b78c81a299aeb2565d7dc8775365544275c.exe

Resource

win7-20240508-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

021e1b263839e2a27dc38a9ed0d84b78c81a299aeb2565d7dc8775365544275c.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  021e1b263839e2a27dc38a9ed0d84b78c81a299aeb2565d7dc8775365544275c
- Size
  
  350KB
- MD5
  
  f97a4295ad03eca377fd1fc568bbd5b8
- SHA1
  
  3829d7f26a2dc4194e925977e0abe8376e071e54
- SHA256
  
  021e1b263839e2a27dc38a9ed0d84b78c81a299aeb2565d7dc8775365544275c
- SHA512
  
  4689f638dc0a85eb07f541443a1a9ba6c3d7101b447d7c7b5e6eb139ada506b0fe0cec0af2c10339683ed1e91cf03eaf0553bc2d8b57e324f02f87180b838a32
- SSDEEP
  
  6144:6YRw73tpHVILifyeYVDcfflXpX6LRifyeYVDc:WDHyefyeYCdXpXZfyeY
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy