13e1c75290ab79cd8545ec0708e3dc20eb19237f2784af99de2af0f4b83bf59f | Triage

Submit
Reports

Overview

overview

Static

static

13e1c75290...9f.exe

windows7-x64

9

13e1c75290...9f.exe

windows10-2004-x64

9

Sharing

General

Target

13e1c75290ab79cd8545ec0708e3dc20eb19237f2784af99de2af0f4b83bf59f
Size

558KB
Sample

240522-xkq24sch35
MD5

652d1c6b3324a9f38301e4dc47d4189e
SHA1

09e4b19b5fa435005d1fc34247902e9ab1f35bff
SHA256

13e1c75290ab79cd8545ec0708e3dc20eb19237f2784af99de2af0f4b83bf59f
SHA512

28ab9fcaac62a57cd8e4a06e305a980fb19e9969549720e7b7607800abd25f3cb41bc25cb880464d213159ce36718779127c6d9a49de61fe22cb5102bf765bcd
SSDEEP

12288:21+vKnoA0cdoIl9jmDBJ4Uh2DEq/51r575O65n9VG:e+vg0HU9EP4UheEq/B79u

Score

10^/10

persistence upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

13e1c75290ab79cd8545ec0708e3dc20eb19237f2784af99de2af0f4b83bf59f.exe

Resource

win7-20240508-en

persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

13e1c75290ab79cd8545ec0708e3dc20eb19237f2784af99de2af0f4b83bf59f.exe

Resource

win10v2004-20240508-en

persistence upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  13e1c75290ab79cd8545ec0708e3dc20eb19237f2784af99de2af0f4b83bf59f
- Size
  
  558KB
- MD5
  
  652d1c6b3324a9f38301e4dc47d4189e
- SHA1
  
  09e4b19b5fa435005d1fc34247902e9ab1f35bff
- SHA256
  
  13e1c75290ab79cd8545ec0708e3dc20eb19237f2784af99de2af0f4b83bf59f
- SHA512
  
  28ab9fcaac62a57cd8e4a06e305a980fb19e9969549720e7b7607800abd25f3cb41bc25cb880464d213159ce36718779127c6d9a49de61fe22cb5102bf765bcd
- SSDEEP
  
  12288:21+vKnoA0cdoIl9jmDBJ4Uh2DEq/51r575O65n9VG:e+vg0HU9EP4UheEq/B79u
Score

9^/10

persistence upx
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy