80955b007616fb9d3911d2a466c6d5e3f032c5d1b0c31f39000b86fa338d808d | Triage

Submit
Reports

Overview

overview

8

Static

static

1

80955b0076...8d.exe

windows7-x64

8

80955b0076...8d.exe

windows10-2004-x64

7

Sharing

General

Target

80955b007616fb9d3911d2a466c6d5e3f032c5d1b0c31f39000b86fa338d808d
Size

243KB
Sample

240526-y2ntrabf48
MD5

b326083a72241f58c07ff6e6a29f2369
SHA1

4bfe5eee66f48f27111a8181615adabc795c5308
SHA256

80955b007616fb9d3911d2a466c6d5e3f032c5d1b0c31f39000b86fa338d808d
SHA512

03296625cfabc4d3073bf54261f076fa75a4b28c93c3dafe12dd1adcdf3a54dfb427614b70ff9a41caf4ec767ecec78c9af970d9f20686f7dea95f5024203422
SSDEEP

3072:ewzvOYNm5YP/aKavT/DEAaobNI2B+DlIH3angqtirxzGlB89Vo6FoCG55lO/X9u2:1miP/aK2EAH/B+3ChmBV+UdvrEFp7hK2

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

80955b007616fb9d3911d2a466c6d5e3f032c5d1b0c31f39000b86fa338d808d.exe

Resource

win7-20240221-en

persistence upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

80955b007616fb9d3911d2a466c6d5e3f032c5d1b0c31f39000b86fa338d808d.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  80955b007616fb9d3911d2a466c6d5e3f032c5d1b0c31f39000b86fa338d808d
- Size
  
  243KB
- MD5
  
  b326083a72241f58c07ff6e6a29f2369
- SHA1
  
  4bfe5eee66f48f27111a8181615adabc795c5308
- SHA256
  
  80955b007616fb9d3911d2a466c6d5e3f032c5d1b0c31f39000b86fa338d808d
- SHA512
  
  03296625cfabc4d3073bf54261f076fa75a4b28c93c3dafe12dd1adcdf3a54dfb427614b70ff9a41caf4ec767ecec78c9af970d9f20686f7dea95f5024203422
- SSDEEP
  
  3072:ewzvOYNm5YP/aKavT/DEAaobNI2B+DlIH3angqtirxzGlB89Vo6FoCG55lO/X9u2:1miP/aK2EAH/B+3ChmBV+UdvrEFp7hK2
Score

8^/10

persistence upx
- Modifies AppInit DLL entries
  persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy