9da0d6964391c9da7afe9b054c1c25a854d4f1cf9166e28dc24f4bf5555862ea | Triage

Submit
Reports

Overview

overview

8

Static

static

1

future async.txt

windows11-21h2-x64

8

Sharing

General

Target

future async.txt
Size

6KB
Sample

240802-lkq7bsthqq
MD5

d804615ca8558fca95fed8378562619a
SHA1

8a41366d3233fff32cd39feb8a719145c716e930
SHA256

9da0d6964391c9da7afe9b054c1c25a854d4f1cf9166e28dc24f4bf5555862ea
SHA512

eebfded746b760e1764cb04eeeba16bf1cd4ef3a2369672069e2c1ce63d97715c78087dd82a6c6d796bb8dccd6ab7055197261f68792a68e82f09f1b43ffd6af
SSDEEP

192:bwbEe18tmXp1asur2ZmDexows0CwpwjwC:MbEe16mXp1asurDeb1akC

Score

8^/10

defense_evasion discovery persistence privilege_escalation upx

Static task

static1

Behavioral task

behavioral1

Sample

future async.txt

Resource

win11-20240730-en

defense_evasion discovery persistence privilege_escalation upx

windows11-21h2-x64

26 signatures

1800 seconds

Malware Config

Targets

- Target
  
  future async.txt
- Size
  
  6KB
- MD5
  
  d804615ca8558fca95fed8378562619a
- SHA1
  
  8a41366d3233fff32cd39feb8a719145c716e930
- SHA256
  
  9da0d6964391c9da7afe9b054c1c25a854d4f1cf9166e28dc24f4bf5555862ea
- SHA512
  
  eebfded746b760e1764cb04eeeba16bf1cd4ef3a2369672069e2c1ce63d97715c78087dd82a6c6d796bb8dccd6ab7055197261f68792a68e82f09f1b43ffd6af
- SSDEEP
  
  192:bwbEe18tmXp1asur2ZmDexows0CwpwjwC:MbEe16mXp1asurDeb1akC
Score

8^/10

defense_evasion discovery persistence privilege_escalation upx
- Downloads MZ/PE file
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistenceprivilege_escalationupx

© 2018-2025

Terms | Privacy