f0d95aefb769f67c07ce99e7a2137541654a82f1b864f4e18ed4e04bc906dcd1 | Triage

Sharing

General

Target

ca67e9391081f19310de7fda3c8b58d0N.exe
Size

105KB
Sample

240905-sxn13atdjq
MD5

ca67e9391081f19310de7fda3c8b58d0
SHA1

496cee08cfa3174260f8e708247ea35395f3cfd9
SHA256

f0d95aefb769f67c07ce99e7a2137541654a82f1b864f4e18ed4e04bc906dcd1
SHA512

2a919590f45abda78e65334b0fc623906ddc686754490e9f210a2f92df69de68487d1fab2b04b15005f5bf4f2bd5549d6f2f0fb5b1c7e1f99859056d75e7597c
SSDEEP

1536:Pe31V5nA76xcrCRREQy1sFcv+PZaCmV/MRu4Lp6r4maLuJdynnaWqBoPhXuNjg5g:a3PxcrOR5WsywZGVgV6rIEcaWq+hGjb

Score

7^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  ca67e9391081f19310de7fda3c8b58d0N.exe
- Size
  
  105KB
- MD5
  
  ca67e9391081f19310de7fda3c8b58d0
- SHA1
  
  496cee08cfa3174260f8e708247ea35395f3cfd9
- SHA256
  
  f0d95aefb769f67c07ce99e7a2137541654a82f1b864f4e18ed4e04bc906dcd1
- SHA512
  
  2a919590f45abda78e65334b0fc623906ddc686754490e9f210a2f92df69de68487d1fab2b04b15005f5bf4f2bd5549d6f2f0fb5b1c7e1f99859056d75e7597c
- SSDEEP
  
  1536:Pe31V5nA76xcrCRREQy1sFcv+PZaCmV/MRu4Lp6r4maLuJdynnaWqBoPhXuNjg5g:a3PxcrOR5WsywZGVgV6rIEcaWq+hGjb
Score

7^/10

discovery persistence upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2