269bc6b378822d764324845bb75b1fadb8bb931e7a8787fc4e5aac3d4f7f6aac | Triage

Sharing

General

Target

WPE collection (HxT).zip
Size

1.1MB
Sample

240817-knc87szeqp
MD5

e67136d2f41a7a4ad5f61ef57f4f33be
SHA1

a1389920ffbb9420a30d6ddada028d98c76910f6
SHA256

269bc6b378822d764324845bb75b1fadb8bb931e7a8787fc4e5aac3d4f7f6aac
SHA512

c194c25bc8fe25bc37d6b3397403402dca0bdebfd9365dd8dea2521522d55fbdb5671aa2ff523db290ed474fb305fceddf059609370aa453766dfa8d1fc73bc4
SSDEEP

24576:KLgHlh7uf9Z4ukdsaUnJLYukQfqemw/bKKsR0+:KLihifRpRnh9/feSWK1+

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  WPE collection (HxT)/SetPriv.dll
- Size
  
  22KB
- MD5
  
  6ab821d0f4514ae54ba0386f4d9406d5
- SHA1
  
  6ab8b8a9b59d9ff1071e7c3c7261c40bfc6b4864
- SHA256
  
  025816bd1fa415fec72300db9cd3319a869dfa0beec23986547b25cdc8a47e9c
- SHA512
  
  2527d0aa6eacbb3f2b68b177d9221559f4e63c7c1b33ecfb7cadeeac5b2f9deafb55e80b10b2c2122d063e00feffa592afce91c01b461f3585b8d90fe65f1318
- SSDEEP
  
  384:W5OrhERIXJncR95wmWS6HiOdVUxN62lq0rMXv78WIf/c+CWXqslbOK+fcVD:xrhERyJncR9tWS6HiOdVUXFqCMXNIXxD
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1
- Target
  
  WPE collection (HxT)/Wpe Pro.exe
- Size
  
  812KB
- MD5
  
  38636da4753018707fc77cd1e47ea5e2
- SHA1
  
  37221eb822abf5dc9617aa2694f24ad3b40fa016
- SHA256
  
  1fdf2cdd48dfc4d68dcde6ce4f0243aa1ac552da11f3312d476f3ed6b4723dfe
- SHA512
  
  779ce68537c75ea7fc85fed3f745b5759d640fd449dc41a499cfcb0e0497bb790873b4d9bd71f9dd1f9ea268512dc6e36bcbf861dbb7cbc6389a63c42dcee380
- SSDEEP
  
  12288:S3v6sgx8iIivBmxWb30XJe4s1lJSOCx8zmRaar5kuHer2zH/aJsICKU7:S/6tIu3Ujs1jDCx3GuDTK
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral2
- Target
  
  WPE collection (HxT)/Wpe Sonic.exe
- Size
  
  832KB
- MD5
  
  0fe8ad76aaec037a4e0c31bb5efee29d
- SHA1
  
  8fb5246afe2fe6740173ec68ec406cb0a6b2c26c
- SHA256
  
  4e7f434949c46ab0fb88e823a726106486a91a7699f924934e6071374afa4139
- SHA512
  
  64c29f4250068004f6d79c3b6fcc784e66ca169a0cd6a51b13dc04312c45ebe5b50f7ba0d63dc9947e0ec7f58cbe345ba251bfb4dc3737ec092eef96e1208d80
- SSDEEP
  
  12288:U3v6sgx8iIivBmxWb30XJe4s1lPSOCx8zmRaar5kuHer2zHhaJsICKrW:U/6tIu3Ujs1VDCx3GuDJK
Score

3^/10

discovery
behavioral3
- Target
  
  WPE collection (HxT)/Wpe Ultra.exe
- Size
  
  812KB
- MD5
  
  e6ff045938397e095c06faf5b2a01dc3
- SHA1
  
  adc18a81929b25825e53c1dfc6627f545cfe80b0
- SHA256
  
  d14d94cc0925787c85d51b80a6485b803713123d84c4179c9f42939ea647b1c7
- SHA512
  
  48cf245d0ecd2b42cf6e52d20cdafae6908195df4c0acab49d586da30e6a3d875c37571b804ca19bcd321851e4abc004010eb205fe8af96f6a7b7537929a7d40
- SSDEEP
  
  12288:23v6sgx8iIivBmxWb30XJe4s1lPSOCx8zmRaar5kuHer2zHhaJsICKl4:2/6tIu3Ujs1VDCx3GuDJK
Score

3^/10

discovery
behavioral4
- Target
  
  WPE collection (HxT)/WpeSpy.dll
- Size
  
  180KB
- MD5
  
  3fb67ceab8fb223312492842d7901e01
- SHA1
  
  24d701c846e164d8e9823237393f4bdfeef48fc1
- SHA256
  
  f0dc0e0813b1c63f9c6e9250558cbb1ff255ce2f077c1fc84f7f8f1efee69f62
- SHA512
  
  5eb565a0a8fa86770590b694380e3fa1e5f3863e959d2cfc6f089dd3b44daaf9384f2067a971806f8d9e7a9e3207e9f312cf82d33c36d4a866caacffe6d6c12d
- SSDEEP
  
  768:aCDlRInSTu6xpi9Hk+o4xTTWVWWwBHt3HOgiHFEkOlZCYLtfo85k2B:aLSTVOkz4xTTWKteB2kOl7lo8+2B
Score

3^/10

discovery
behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5