0af572297faa1223a64292c01c3eeac4c19b6ff3eaff97d8ae553da5a7912a7b | Triage

Submit
Reports

Overview

overview

7

Static

static

3

0af572297f...bN.exe

windows7-x64

7

0af572297f...bN.exe

windows10-2004-x64

7

Sharing

General

Target

0af572297faa1223a64292c01c3eeac4c19b6ff3eaff97d8ae553da5a7912a7bN
Size

450KB
Sample

241002-k6vk7ssbrd
MD5

fe1fc1861f77c175689df839ca5f7390
SHA1

57d1cd100e0aca4513166b8f0ab6cdc308fee679
SHA256

0af572297faa1223a64292c01c3eeac4c19b6ff3eaff97d8ae553da5a7912a7b
SHA512

5d6408955c626a2a6fc964a50050edee3bd1d116240d3d56b6cab675581ee3d61ff1402e2076c1fdee0e11e16f7c7de5e6c9cc355b5da5a897565f99d67ff582
SSDEEP

6144:GCBDEYlP4TFu+lw6Q2DMeAkcFucTzxZ+oCIQyystXdpJm3L6W2D+FELu:XBo3TFu4t/AbFu6/LCIQyHNfM0D+3

Score

7^/10

discovery persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0af572297faa1223a64292c01c3eeac4c19b6ff3eaff97d8ae553da5a7912a7bN.exe

Resource

win7-20240903-en

discovery persistence upx

windows7-x64

13 signatures

120 seconds

Behavioral task

behavioral2

Sample

0af572297faa1223a64292c01c3eeac4c19b6ff3eaff97d8ae553da5a7912a7bN.exe

Resource

win10v2004-20240802-en

discovery persistence upx

windows10-2004-x64

12 signatures

120 seconds

Malware Config

Targets

- Target
  
  0af572297faa1223a64292c01c3eeac4c19b6ff3eaff97d8ae553da5a7912a7bN
- Size
  
  450KB
- MD5
  
  fe1fc1861f77c175689df839ca5f7390
- SHA1
  
  57d1cd100e0aca4513166b8f0ab6cdc308fee679
- SHA256
  
  0af572297faa1223a64292c01c3eeac4c19b6ff3eaff97d8ae553da5a7912a7b
- SHA512
  
  5d6408955c626a2a6fc964a50050edee3bd1d116240d3d56b6cab675581ee3d61ff1402e2076c1fdee0e11e16f7c7de5e6c9cc355b5da5a897565f99d67ff582
- SSDEEP
  
  6144:GCBDEYlP4TFu+lw6Q2DMeAkcFucTzxZ+oCIQyystXdpJm3L6W2D+FELu:XBo3TFu4t/AbFu6/LCIQyHNfM0D+3
Score

7^/10

discovery persistence upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2024

Terms | Privacy