6372eff8ffd9f871a8763263cc240387c321db5cdcf1e28e2d61d1f5c15092bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d2882ede2ff875292739f125a8f3290N.exe
Size

57KB
Sample

240727-ehv9yawclq
MD5

8d2882ede2ff875292739f125a8f3290
SHA1

fb8d53da512f755bd617e2a4d418d07c1d8465e6
SHA256

6372eff8ffd9f871a8763263cc240387c321db5cdcf1e28e2d61d1f5c15092bd
SHA512

6fe8e54cfda0633f5c06bc600bcf727706d11ce1f40ea0e8c8c33376d50a007e4a8625656c1c1b220207df81d35894f3002dff8bf6d365970909ae5d0c835a7e
SSDEEP

1536:J5Vtu7dTkk3fFOMsbybXM/1nd20efLLTUq3wSOwwck/iXr7NFD0:JnMlkUJ4oi180aUFrck/ur73

Score

8^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  8d2882ede2ff875292739f125a8f3290N.exe
- Size
  
  57KB
- MD5
  
  8d2882ede2ff875292739f125a8f3290
- SHA1
  
  fb8d53da512f755bd617e2a4d418d07c1d8465e6
- SHA256
  
  6372eff8ffd9f871a8763263cc240387c321db5cdcf1e28e2d61d1f5c15092bd
- SHA512
  
  6fe8e54cfda0633f5c06bc600bcf727706d11ce1f40ea0e8c8c33376d50a007e4a8625656c1c1b220207df81d35894f3002dff8bf6d365970909ae5d0c835a7e
- SSDEEP
  
  1536:J5Vtu7dTkk3fFOMsbybXM/1nd20efLLTUq3wSOwwck/iXr7NFD0:JnMlkUJ4oi180aUFrck/ur73
Score

8^/10

discovery persistence upx
- Drops file in Drivers directory
- Deletes itself
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx