e7cdce56451b2ac4a1ed7c00611a4eee3b3574a8fa37f99557c1af50765af00f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce3a6d5929ab62109d91d6ad0d8799a0N
Size

81KB
Sample

240909-yzbfmsxfpr
MD5

ce3a6d5929ab62109d91d6ad0d8799a0
SHA1

2fc6a47c6c2d51b96ccaf2dc998a1f749a093577
SHA256

e7cdce56451b2ac4a1ed7c00611a4eee3b3574a8fa37f99557c1af50765af00f
SHA512

66b9d06fc22c713f596f019fcea2866b4ea4ee1e2e240f0ceaf59cf10fe1ad8814dff5268323648a548078a6600aa3f2725f0e88d22d0df85932f14e386b78ce
SSDEEP

1536:QFB54A6pC2gp80f5zFi4NJO255Bvs5X1qS00:QX54A6pCvdFiUJjHBU5X1qF0

Score

7^/10

discovery persistence upx

Malware Config

Targets

- Target
  
  ce3a6d5929ab62109d91d6ad0d8799a0N
- Size
  
  81KB
- MD5
  
  ce3a6d5929ab62109d91d6ad0d8799a0
- SHA1
  
  2fc6a47c6c2d51b96ccaf2dc998a1f749a093577
- SHA256
  
  e7cdce56451b2ac4a1ed7c00611a4eee3b3574a8fa37f99557c1af50765af00f
- SHA512
  
  66b9d06fc22c713f596f019fcea2866b4ea4ee1e2e240f0ceaf59cf10fe1ad8814dff5268323648a548078a6600aa3f2725f0e88d22d0df85932f14e386b78ce
- SSDEEP
  
  1536:QFB54A6pC2gp80f5zFi4NJO255Bvs5X1qS00:QX54A6pCvdFiUJjHBU5X1qF0
Score

7^/10

discovery persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx