126fc67445a74a51d1b9caace03d2fa16f24b4045c689fbc23f5d2021c4fa8d1 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

ea8eeedd4d...0N.exe

windows7-x64

7

ea8eeedd4d...0N.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

ea8eeedd4d60124bd1cc481a262cedb0N.exe
Size

20KB
Sample

240821-rj5k8asgnc
MD5

ea8eeedd4d60124bd1cc481a262cedb0
SHA1

c922097aa537177590c15e612dbfddafa8809787
SHA256

126fc67445a74a51d1b9caace03d2fa16f24b4045c689fbc23f5d2021c4fa8d1
SHA512

c00907c5097d96bbd68efe05d9004887c95492ee765b4e4596008ba317ec77e51d684d3cae99071f26c778c72c5642f234ee77f44eb1a0444146b5fc69e98a4d
SSDEEP

192:VjUWFh4fvYGIQnsA6psQXFaNJhLkwcud2DH9VwGfct1hM5EKU:9KE7pXaNJawcudoD7U7S5Ev

Score

7^/10

discovery evasion persistence trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ea8eeedd4d60124bd1cc481a262cedb0N.exe

Resource

win7-20240704-en

discovery evasion persistence trojan upx

windows7-x64

11 signatures

120 seconds

Behavioral task

behavioral2

Sample

ea8eeedd4d60124bd1cc481a262cedb0N.exe

Resource

win10v2004-20240802-en

discovery persistence upx

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Targets

- Target
  
  ea8eeedd4d60124bd1cc481a262cedb0N.exe
- Size
  
  20KB
- MD5
  
  ea8eeedd4d60124bd1cc481a262cedb0
- SHA1
  
  c922097aa537177590c15e612dbfddafa8809787
- SHA256
  
  126fc67445a74a51d1b9caace03d2fa16f24b4045c689fbc23f5d2021c4fa8d1
- SHA512
  
  c00907c5097d96bbd68efe05d9004887c95492ee765b4e4596008ba317ec77e51d684d3cae99071f26c778c72c5642f234ee77f44eb1a0444146b5fc69e98a4d
- SSDEEP
  
  192:VjUWFh4fvYGIQnsA6psQXFaNJhLkwcud2DH9VwGfct1hM5EKU:9KE7pXaNJawcudoD7U7S5Ev
Score

7^/10

discovery evasion persistence trojan upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojanupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy