81c673a143cb39e300aa9cac16008b075f80aa22943428c554c80a6ba9000857 | Triage

Submit
Reports

Overview

overview

Static

static

81c673a143...57.exe

windows7-x64

9

81c673a143...57.exe

windows10-2004-x64

9

Sharing

General

Target

81c673a143cb39e300aa9cac16008b075f80aa22943428c554c80a6ba9000857
Size

178KB
Sample

240522-3rb5esdf77
MD5

7f916d28233902435d9cf7c4d5ce16f2
SHA1

35c5914f7cb81a7727ae01e1e601acb28af206d5
SHA256

81c673a143cb39e300aa9cac16008b075f80aa22943428c554c80a6ba9000857
SHA512

c1b55c193d789a3428ec5425ddbd76c8fa08e8be06ad176321886d6eb17f2d9c4abc5d974f9059c2462c500f271dc43b03769df7a7b3474dc7c451b63af22c37
SSDEEP

3072:jEJLldsvWL+6V9pk7amgwryg3nMCxqaNpd7:AJ51+Egd187aJ7

Score

10^/10

persistence upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

81c673a143cb39e300aa9cac16008b075f80aa22943428c554c80a6ba9000857.exe

Resource

win7-20240221-en

persistence upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

81c673a143cb39e300aa9cac16008b075f80aa22943428c554c80a6ba9000857.exe

Resource

win10v2004-20240508-en

persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  81c673a143cb39e300aa9cac16008b075f80aa22943428c554c80a6ba9000857
- Size
  
  178KB
- MD5
  
  7f916d28233902435d9cf7c4d5ce16f2
- SHA1
  
  35c5914f7cb81a7727ae01e1e601acb28af206d5
- SHA256
  
  81c673a143cb39e300aa9cac16008b075f80aa22943428c554c80a6ba9000857
- SHA512
  
  c1b55c193d789a3428ec5425ddbd76c8fa08e8be06ad176321886d6eb17f2d9c4abc5d974f9059c2462c500f271dc43b03769df7a7b3474dc7c451b63af22c37
- SSDEEP
  
  3072:jEJLldsvWL+6V9pk7amgwryg3nMCxqaNpd7:AJ51+Egd187aJ7
Score

9^/10

persistence upx
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy