29816ba5444d408c5f4c2d836a0c296a9c993de55b02184208e7fb568c0dca77 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

29816ba544...7N.exe

windows7-x64

8

29816ba544...7N.exe

windows10-2004-x64

8

Sharing

General

Target

29816ba5444d408c5f4c2d836a0c296a9c993de55b02184208e7fb568c0dca77N
Size

38KB
Sample

240919-gkbz7atekb
MD5

de9d5e97ca5a4ef53a573e896f2b0da0
SHA1

621153f89ebaa1164e433e6f08c69bd3e689f2c7
SHA256

29816ba5444d408c5f4c2d836a0c296a9c993de55b02184208e7fb568c0dca77
SHA512

af3eb3a54ec191a86b620afbb5d95a632be9bc2f99b3cf1455dde72bd3a2235c12ebeaf00b82e1cc120e48c0274d8f2f13fad904f8e3e05b92d78c05cc05829a
SSDEEP

768:Nzj1JegVa3Gry+uELEmITCs/NUZ6nZdYbCLECkrQoP9fmF2f1cOe2:NWQa2TLEmITcoQxfllfmS1cOe2

Score

8^/10

discovery evasion execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

29816ba5444d408c5f4c2d836a0c296a9c993de55b02184208e7fb568c0dca77N.exe

Resource

win7-20240903-en

discovery evasion execution upx

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

29816ba5444d408c5f4c2d836a0c296a9c993de55b02184208e7fb568c0dca77N.exe

Resource

win10v2004-20240802-en

discovery evasion execution upx

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  29816ba5444d408c5f4c2d836a0c296a9c993de55b02184208e7fb568c0dca77N
- Size
  
  38KB
- MD5
  
  de9d5e97ca5a4ef53a573e896f2b0da0
- SHA1
  
  621153f89ebaa1164e433e6f08c69bd3e689f2c7
- SHA256
  
  29816ba5444d408c5f4c2d836a0c296a9c993de55b02184208e7fb568c0dca77
- SHA512
  
  af3eb3a54ec191a86b620afbb5d95a632be9bc2f99b3cf1455dde72bd3a2235c12ebeaf00b82e1cc120e48c0274d8f2f13fad904f8e3e05b92d78c05cc05829a
- SSDEEP
  
  768:Nzj1JegVa3Gry+uELEmITCs/NUZ6nZdYbCLECkrQoP9fmF2f1cOe2:NWQa2TLEmITcoQxfllfmS1cOe2
Score

8^/10

discovery evasion execution upx
- Stops running service(s)
  evasion execution
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecutionupx

behavioral2

discoveryevasionexecutionupx

© 2018-2025

Terms | Privacy