f19abff1a72b1ef08d57541a0d21908b7bf3ae6797d1bcf08c6a81a7c312393f | Triage

Submit
Reports

Overview

overview

8

Static

static

1

engineer-taunt.gif

windows10-1703-x64

8

engineer-taunt.gif

windows7-x64

1

Sharing

General

Target

engineer-taunt.gif
Size

279KB
Sample

240620-2v8gcsvhrq
MD5

8a9e3be06ec8496c7f1a4233876b0697
SHA1

1d29ad9068d227f89009d610d91cca502591bf46
SHA256

f19abff1a72b1ef08d57541a0d21908b7bf3ae6797d1bcf08c6a81a7c312393f
SHA512

f2af39fc536b6b56a485653bfa5b07ea3d3d4a892a1f410c62d13ade46881f321ff79cbfdbf2cfb2a4e82502c24d74ca1ec4bf310d714bdf70c8ddd3ab93ad9b
SSDEEP

6144:4pI6FKD9iEziUIicrzC4CAXJHUqMM4XiU7XQzY0yWjvYM+:4p1oiYozMAWq14SU7gzRjvP+

Score

8^/10

discovery execution exploit upx

Static task

static1

Behavioral task

behavioral1

Sample

engineer-taunt.gif

Resource

win10-20240404-en

discovery execution exploit upx

windows10-1703-x64

25 signatures

1800 seconds

Behavioral task

behavioral2

Sample

engineer-taunt.gif

Resource

win7-20240611-en

windows7-x64

12 signatures

1800 seconds

Malware Config

Targets

- Target
  
  engineer-taunt.gif
- Size
  
  279KB
- MD5
  
  8a9e3be06ec8496c7f1a4233876b0697
- SHA1
  
  1d29ad9068d227f89009d610d91cca502591bf46
- SHA256
  
  f19abff1a72b1ef08d57541a0d21908b7bf3ae6797d1bcf08c6a81a7c312393f
- SHA512
  
  f2af39fc536b6b56a485653bfa5b07ea3d3d4a892a1f410c62d13ade46881f321ff79cbfdbf2cfb2a4e82502c24d74ca1ec4bf310d714bdf70c8ddd3ab93ad9b
- SSDEEP
  
  6144:4pI6FKD9iEziUIicrzC4CAXJHUqMM4XiU7XQzY0yWjvYM+:4p1oiYozMAWq14SU7gzRjvP+
Score

8^/10

discovery execution exploit upx
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryexecutionexploitupx

behavioral2

© 2018-2024

Terms | Privacy