2361169d401e7b2c556f3c1ea6bcd3e13a74a6109e5e0c5dabd1e7ab62186be3 | Triage

Submit
Reports

Overview

overview

7

Static

static

5

2361169d40...3N.exe

windows7-x64

7

2361169d40...3N.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2361169d401e7b2c556f3c1ea6bcd3e13a74a6109e5e0c5dabd1e7ab62186be3N
Size

200KB
Sample

241005-ajdztsthkk
MD5

156d14e0b53853caefbb522d98d80700
SHA1

0b1d467358ba8c916819da5685e43173a548d4aa
SHA256

2361169d401e7b2c556f3c1ea6bcd3e13a74a6109e5e0c5dabd1e7ab62186be3
SHA512

c7ebde03860c637ea9b99a8619711e186dcd4e8a4589e7d845dcf5b5d4c5a9c2eec028f4c37ce80abe92b16d425fe51ee8a3b474dc863341f0ed264ae3ea242e
SSDEEP

1536:2ChrVkT1hoxJTxRcTGJNOJh1n/O+yCx9Fs/i7sUtnRvJ:VB2Tna3bq1n99K/i7tR

Score

7^/10

discovery persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2361169d401e7b2c556f3c1ea6bcd3e13a74a6109e5e0c5dabd1e7ab62186be3N.exe

Resource

win7-20240903-en

discovery persistence upx

windows7-x64

11 signatures

120 seconds

Behavioral task

behavioral2

Sample

2361169d401e7b2c556f3c1ea6bcd3e13a74a6109e5e0c5dabd1e7ab62186be3N.exe

Resource

win10v2004-20240802-en

discovery persistence upx

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Targets

- Target
  
  2361169d401e7b2c556f3c1ea6bcd3e13a74a6109e5e0c5dabd1e7ab62186be3N
- Size
  
  200KB
- MD5
  
  156d14e0b53853caefbb522d98d80700
- SHA1
  
  0b1d467358ba8c916819da5685e43173a548d4aa
- SHA256
  
  2361169d401e7b2c556f3c1ea6bcd3e13a74a6109e5e0c5dabd1e7ab62186be3
- SHA512
  
  c7ebde03860c637ea9b99a8619711e186dcd4e8a4589e7d845dcf5b5d4c5a9c2eec028f4c37ce80abe92b16d425fe51ee8a3b474dc863341f0ed264ae3ea242e
- SSDEEP
  
  1536:2ChrVkT1hoxJTxRcTGJNOJh1n/O+yCx9Fs/i7sUtnRvJ:VB2Tna3bq1n99K/i7tR
Score

7^/10

discovery persistence upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy