4005a08a4853f72ebd58f49ea28e39b0ecf239eb9ada1aaa2c3adcfec8a48238 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

Sryxen-main.zip

windows7-x64

1

Sryxen-main.zip

windows10-2004-x64

8

Sharing

General

Target

Sryxen-main.zip
Size

1.1MB
Sample

241204-ww55qsvjew
MD5

235c8379ad047cc7f1dae05470e235a8
SHA1

c9a328a779395449bb6a58c01322892b63d506c3
SHA256

4005a08a4853f72ebd58f49ea28e39b0ecf239eb9ada1aaa2c3adcfec8a48238
SHA512

23e5dd80f76812502f91d57ab1f303da41d43367d5e05777e43e6692fd3ffde3668f740347baceb4976a440ab659c518d5bc9694e5efd77ba1fee4b666d97849
SSDEEP

24576:IjvbwBoSoz39x2UTLmpLtWv6SKZQrE/j1aMoLs:I/wBEzNo+LmttWvtQBYs

Score

8^/10

discovery execution motw phishing upx

Static task

static1

Behavioral task

behavioral1

Sample

Sryxen-main.zip

Resource

win7-20240708-en

windows7-x64

3 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Sryxen-main.zip

Resource

win10v2004-20241007-en

discovery execution motw phishing upx

windows10-2004-x64

33 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Sryxen-main.zip
- Size
  
  1.1MB
- MD5
  
  235c8379ad047cc7f1dae05470e235a8
- SHA1
  
  c9a328a779395449bb6a58c01322892b63d506c3
- SHA256
  
  4005a08a4853f72ebd58f49ea28e39b0ecf239eb9ada1aaa2c3adcfec8a48238
- SHA512
  
  23e5dd80f76812502f91d57ab1f303da41d43367d5e05777e43e6692fd3ffde3668f740347baceb4976a440ab659c518d5bc9694e5efd77ba1fee4b666d97849
- SSDEEP
  
  24576:IjvbwBoSoz39x2UTLmpLtWv6SKZQrE/j1aMoLs:I/wBEzNo+LmttWvtQBYs
Score

8^/10

discovery execution motw phishing upx
- Downloads MZ/PE file
- A potential corporate email address has been identified in the URL: [email protected]
  phishing
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Mark of the Web detected: This indicates that the page was originally saved or cloned.
  phishing motw
- Probable phishing domain
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Phishing

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryexecutionmotwphishingupx

© 2018-2024

Terms | Privacy