5daaccc7745a86aeab3cda0f53029e2980def5312229dc666b0900e36947e4d8 | Triage

Submit
Reports

Overview

overview

Static

static

7

5daaccc774...8N.exe

windows7-x64

5daaccc774...8N.exe

windows10-2004-x64

Sharing

General

Target

5daaccc7745a86aeab3cda0f53029e2980def5312229dc666b0900e36947e4d8N
Size

204KB
Sample

240920-kq5q8sycmp
MD5

8753093b893c8bc59ba368c849818e40
SHA1

810ca4d73b03f108d893a6e4dcf903d6adf0ad67
SHA256

5daaccc7745a86aeab3cda0f53029e2980def5312229dc666b0900e36947e4d8
SHA512

128a2e80febdb9fe99f2270ac4624e2d674951f74b4878b7e2da85cc510ce8c6200c093d40dbabab6f71da22ef7b99454ad0a84a7011e77b83d73901e2426eb6
SSDEEP

768:LlvMabRJUDwbjMPkG1VuW/wqvRXMXp677yCzdXZRT2Nq1MaQnepMri14PGBEj6Ci:LRlVJUclGVs4emEFb3P0lp

Score

10^/10

discovery evasion persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5daaccc7745a86aeab3cda0f53029e2980def5312229dc666b0900e36947e4d8N.exe

Resource

win7-20240903-en

discovery evasion persistence upx

windows7-x64

10 signatures

120 seconds

Behavioral task

behavioral2

Sample

5daaccc7745a86aeab3cda0f53029e2980def5312229dc666b0900e36947e4d8N.exe

Resource

win10v2004-20240802-en

discovery evasion persistence upx

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Targets

- Target
  
  5daaccc7745a86aeab3cda0f53029e2980def5312229dc666b0900e36947e4d8N
- Size
  
  204KB
- MD5
  
  8753093b893c8bc59ba368c849818e40
- SHA1
  
  810ca4d73b03f108d893a6e4dcf903d6adf0ad67
- SHA256
  
  5daaccc7745a86aeab3cda0f53029e2980def5312229dc666b0900e36947e4d8
- SHA512
  
  128a2e80febdb9fe99f2270ac4624e2d674951f74b4878b7e2da85cc510ce8c6200c093d40dbabab6f71da22ef7b99454ad0a84a7011e77b83d73901e2426eb6
- SSDEEP
  
  768:LlvMabRJUDwbjMPkG1VuW/wqvRXMXp677yCzdXZRT2Nq1MaQnepMri14PGBEj6Ci:LRlVJUclGVs4emEFb3P0lp
Score

10^/10

discovery evasion persistence upx
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceupx

behavioral2

discoveryevasionpersistenceupx

© 2018-2025

Terms | Privacy