a81dd64e5153edf89c0fb3ea9a26d0bcceb0e9d8bfa745e49ad69643ee06894f | Triage

Submit
Reports

Overview

overview

9

Static

static

3

a81dd64e51...4f.dll

windows7-x64

9

a81dd64e51...4f.dll

windows10-2004-x64

9

Sharing

General

Target

a81dd64e5153edf89c0fb3ea9a26d0bcceb0e9d8bfa745e49ad69643ee06894f
Size

372KB
Sample

240523-bxj9fagf7z
MD5

4af0551c62c23931c9a01e62d8cbdfa2
SHA1

f5b0951ccf67c0961bf70fc77fcb6a8641ec9690
SHA256

a81dd64e5153edf89c0fb3ea9a26d0bcceb0e9d8bfa745e49ad69643ee06894f
SHA512

adcda9a16698969beae043ba0df27a90cbfe7464c3ae30f51e1102e857baaa1ce0d89fb8ed0bebcdf52d3796c58438006a36032e399fc0c42e432fa23bb8da58
SSDEEP

6144:nKTdsHvaT0OEKbTYJEnCBc8UiyDcdUWroICoGjaWgBV+UdvrEFp7hKrp:nKqPaTCJJQVvDcSW0VEBjvrEH7Qp

Score

9^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a81dd64e5153edf89c0fb3ea9a26d0bcceb0e9d8bfa745e49ad69643ee06894f.dll

Resource

win7-20231129-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

a81dd64e5153edf89c0fb3ea9a26d0bcceb0e9d8bfa745e49ad69643ee06894f.dll

Resource

win10v2004-20240508-en

persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  a81dd64e5153edf89c0fb3ea9a26d0bcceb0e9d8bfa745e49ad69643ee06894f
- Size
  
  372KB
- MD5
  
  4af0551c62c23931c9a01e62d8cbdfa2
- SHA1
  
  f5b0951ccf67c0961bf70fc77fcb6a8641ec9690
- SHA256
  
  a81dd64e5153edf89c0fb3ea9a26d0bcceb0e9d8bfa745e49ad69643ee06894f
- SHA512
  
  adcda9a16698969beae043ba0df27a90cbfe7464c3ae30f51e1102e857baaa1ce0d89fb8ed0bebcdf52d3796c58438006a36032e399fc0c42e432fa23bb8da58
- SSDEEP
  
  6144:nKTdsHvaT0OEKbTYJEnCBc8UiyDcdUWroICoGjaWgBV+UdvrEFp7hKrp:nKqPaTCJJQVvDcSW0VEBjvrEH7Qp
Score

9^/10

upx persistence
- UPX dump on OEP (original entry point)
- Modifies AppInit DLL entries
  persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy