6bfec85e430e47709ab1aa9e71462980c5ec00b85235b273e3d5b82e7d68e00d | Triage

Submit
Reports

Overview

overview

Static

static

6bfec85e43...0d.exe

windows7-x64

6bfec85e43...0d.exe

windows10-2004-x64

Sharing

General

Target

6bfec85e430e47709ab1aa9e71462980c5ec00b85235b273e3d5b82e7d68e00d
Size

344KB
Sample

240616-18hmes1arh
MD5

e2bcd5301d1176092237f37d4ddfecb4
SHA1

7a3aa317ea6e4900e6a5ada10d34e29c8aa20651
SHA256

6bfec85e430e47709ab1aa9e71462980c5ec00b85235b273e3d5b82e7d68e00d
SHA512

c886c02683233791252a8770a2a2dc9cfde64109e3ccb49ce22125e549f9403971922c70d947c5ebd102ae6869baac4b60cb48eb2fecc929572d7f141c93f8ef
SSDEEP

6144:oax2HVLCpX2/mnbzvdLaD6OkPgl6bmIjlQFn:aHBCpXImbzQD6OkPgl6bmIjKn

Score

10^/10

persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

6bfec85e430e47709ab1aa9e71462980c5ec00b85235b273e3d5b82e7d68e00d.exe

Resource

win7-20240611-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

6bfec85e430e47709ab1aa9e71462980c5ec00b85235b273e3d5b82e7d68e00d.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  6bfec85e430e47709ab1aa9e71462980c5ec00b85235b273e3d5b82e7d68e00d
- Size
  
  344KB
- MD5
  
  e2bcd5301d1176092237f37d4ddfecb4
- SHA1
  
  7a3aa317ea6e4900e6a5ada10d34e29c8aa20651
- SHA256
  
  6bfec85e430e47709ab1aa9e71462980c5ec00b85235b273e3d5b82e7d68e00d
- SHA512
  
  c886c02683233791252a8770a2a2dc9cfde64109e3ccb49ce22125e549f9403971922c70d947c5ebd102ae6869baac4b60cb48eb2fecc929572d7f141c93f8ef
- SSDEEP
  
  6144:oax2HVLCpX2/mnbzvdLaD6OkPgl6bmIjlQFn:aHBCpXImbzQD6OkPgl6bmIjKn
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy