12403572fcf3676335c59b72887fa2910e616973938630dc34e7b856aaf34075 | Triage

Sharing

General

Target

winexp.zip
Size

83KB
Sample

240712-wyytfaxbjc
MD5

c6fa24872a9a14b7036966f8457bc91e
SHA1

5e09f9d6b7e94f04f2f47ccef0fc8cf78a86577d
SHA256

12403572fcf3676335c59b72887fa2910e616973938630dc34e7b856aaf34075
SHA512

8b382f1e6aaecb13f9af33d9bf411697851af26c2e3aaea367d36c89e288412f0a5ca03f5bc0eb71510c5804f64e9aa395a548a09fbe1d54ae2e47aa59d087c5
SSDEEP

1536:DS2zKxl2CWN84Ac/SPEs86SnVJnbbxQo+HN0cWQRLO4u25OSHvnAjHlKI:DSvlwN7AcKPEs4qWcWQI4u2NHfAjHlKI

Score

7^/10

upx

Malware Config

Targets

- Target
  
  Psapi.dll
- Size
  
  17KB
- MD5
  
  abbc53dbdb01df277a7dd8f86da1c168
- SHA1
  
  43c4c7f9217eaf85059cb9cbd26935535c3383ac
- SHA256
  
  35261e40e0fc8229978cab1efcfd2607ae712c40ecff11430df5a78bb2a87795
- SHA512
  
  709df9029b61be8070426141b795076794ae32120dbd960b51e305db4cf56cef0ff288df2b5460e181ed6621b7e961295ac22e57525e7021b9698e3a14e99e8b
- SSDEEP
  
  384:aYwcLQSN+IyddAO4qO6pYA98cgUWZcDWr:hNY2vwgw8
Score

1^/10
behavioral1 behavioral2
- Target
  
  winexp.chm
- Size
  
  63KB
- MD5
  
  5f1ac48dbad0c217af2859ad70612d6b
- SHA1
  
  99d01767335aa65f11f4bd2689aac3cc4d46f670
- SHA256
  
  af614af256b12465ff06f4f1586d2ecce40570704f5d87deeb4fb95e72032343
- SHA512
  
  ffb86e963d5b6d3b890d9ece8af8526838bae1611957149b4f78145dea8489958654ef8307aa10acdb424ccffb910f490ee4590a1be64dc94be9de7e3bba88be
- SSDEEP
  
  1536:rDqILEs86SnVJnbbxQo+HN0cWQRLHwKB0MLNBPgz:nqkEs4qWcWQ+KBRNB4z
Score

1^/10
behavioral3 behavioral4
- Target
  
  winexp.exe
- Size
  
  51KB
- MD5
  
  20fe176f5d63cb53bdeb227410238ef0
- SHA1
  
  6012c9a32950047fb2f0d429c7fbe5a572ed370b
- SHA256
  
  6ee2ee07fa47e4512595dfa8ec8747c956db0eb716e420390cfceb8a318c4c2b
- SHA512
  
  43163ac68f91581fb93c7517e60bd7254bab0fe65acd523071fc6543cda2592540906f1127642ab78f595b52500e3b0c115c72c8e094a48243fb7c8b456ca8fe
- SSDEEP
  
  384:tpGpzwRgH8tNkmfN6QlK6Wcj7yo895m1iqgaya28KKDETKDIPKDRfs2xiqVaaaau:tpGy4nxpnU1Tya28T6L4JYxq4xKzF
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6