f77f2c39a6afd0d56462cfe428696295a33581a86d6d150d2c06a8f146e9069e | Triage

Submit
Reports

Overview

overview

8

Static

static

7

239af05d4c...f5.exe

windows7-x64

8

239af05d4c...f5.exe

windows10-2004-x64

7

$TEMP/gfTWYbhR.dll

windows10-2004-x64

7

Sharing

General

Target

239af05d4c27eeed9a33db505ab7d5f5.bin
Size

102KB
Sample

240705-bvqcnsygnl
MD5

239af05d4c27eeed9a33db505ab7d5f5
SHA1

fbbf126e69ecaf7cb730d80c2e7cb2cd04fac3ec
SHA256

f77f2c39a6afd0d56462cfe428696295a33581a86d6d150d2c06a8f146e9069e
SHA512

ffaa2590b191d2258f9bfd99577a081fd56b3bb3912b76c3a5cadc6f7606bcfa25ca63419a3962c8a3a0d273561aa6bdc3dc7da37a99417bf44ba43c2bbc265b
SSDEEP

3072:IgXdZt9P6D3XJbCAHc7La7XTvjMq53CzFWcnP:Ie3440cXYLgqwRWcP

Score

8^/10

upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

239af05d4c27eeed9a33db505ab7d5f5.exe

Resource

win7-20240611-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

239af05d4c27eeed9a33db505ab7d5f5.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

$TEMP/gfTWYbhR.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  239af05d4c27eeed9a33db505ab7d5f5.bin
- Size
  
  102KB
- MD5
  
  239af05d4c27eeed9a33db505ab7d5f5
- SHA1
  
  fbbf126e69ecaf7cb730d80c2e7cb2cd04fac3ec
- SHA256
  
  f77f2c39a6afd0d56462cfe428696295a33581a86d6d150d2c06a8f146e9069e
- SHA512
  
  ffaa2590b191d2258f9bfd99577a081fd56b3bb3912b76c3a5cadc6f7606bcfa25ca63419a3962c8a3a0d273561aa6bdc3dc7da37a99417bf44ba43c2bbc265b
- SSDEEP
  
  3072:IgXdZt9P6D3XJbCAHc7La7XTvjMq53CzFWcnP:Ie3440cXYLgqwRWcP
Score

8^/10

upx
- Blocklisted process makes network request
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $TEMP/gfTWYbhR.dll
- Size
  
  71KB
- MD5
  
  f6df0c1ed00d1c1a3a2976ba832765d6
- SHA1
  
  315b1a41b0e6328543e6cd31ab114fd144aecdbb
- SHA256
  
  b38ba468cb301b7cb3db3262ebdbfc045c485a0bb2947d59461cba198900f24e
- SHA512
  
  7850224f293943a0476e2d8ce3082f93881dbbc107d482ec655ea5f1b4f73b208361fe7422e2b99c7980bc6774ead4813e43eb3e1e0cd34868817a993cab5d75
- SSDEEP
  
  1536:G/zuOVTaPTGxn4zthmkKSQV51IpX+G2xyEdZB6NLg/8:qusYKn+/mktU1RH7R/8
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

© 2018-2025

Terms | Privacy