a7ac6ea17219d2f83465c7e56023a6110c3cc8ccf2d798249b0f74d03fb3ae35 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

a7ac6ea172...35.dll

windows7-x64

7

a7ac6ea172...35.dll

windows10-2004-x64

8

Sharing

General

Target

a7ac6ea17219d2f83465c7e56023a6110c3cc8ccf2d798249b0f74d03fb3ae35.exe
Size

223KB
Sample

240524-e5ewgadc98
MD5

0fd03c4aef8e9b9add94001de9964ac0
SHA1

7ad7ef363ce9103bba191de8a3d319ce3d0de96d
SHA256

a7ac6ea17219d2f83465c7e56023a6110c3cc8ccf2d798249b0f74d03fb3ae35
SHA512

55cd6614dde92dbb71d59562f1eb04fdd55d55ddbc5949a3e9b9f477a34786d74daa9e186bd5d1f103c02dbc02c379b6b4f6161abdf5f05b73715e44d3daad4d
SSDEEP

3072:6huf5AUWGIcvCJvK2myAnAZdlGZxIOtY81fs2lQBV+UdE+rECWp7hKear:ZBAUWG6VmyYLIBV+UdvrEFp7hKNr

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

a7ac6ea17219d2f83465c7e56023a6110c3cc8ccf2d798249b0f74d03fb3ae35.dll

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

a7ac6ea17219d2f83465c7e56023a6110c3cc8ccf2d798249b0f74d03fb3ae35.dll

Resource

win10v2004-20240426-en

persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  a7ac6ea17219d2f83465c7e56023a6110c3cc8ccf2d798249b0f74d03fb3ae35.exe
- Size
  
  223KB
- MD5
  
  0fd03c4aef8e9b9add94001de9964ac0
- SHA1
  
  7ad7ef363ce9103bba191de8a3d319ce3d0de96d
- SHA256
  
  a7ac6ea17219d2f83465c7e56023a6110c3cc8ccf2d798249b0f74d03fb3ae35
- SHA512
  
  55cd6614dde92dbb71d59562f1eb04fdd55d55ddbc5949a3e9b9f477a34786d74daa9e186bd5d1f103c02dbc02c379b6b4f6161abdf5f05b73715e44d3daad4d
- SSDEEP
  
  3072:6huf5AUWGIcvCJvK2myAnAZdlGZxIOtY81fs2lQBV+UdE+rECWp7hKear:ZBAUWG6VmyYLIBV+UdvrEFp7hKNr
Score

8^/10

upx persistence
- Modifies AppInit DLL entries
  persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy