cf09c4bec1494405fa4c5c2a499cb8e17ac5bd8e31a65e0612c13c41ad8ab457 | Triage

Submit
Reports

Overview

overview

Static

static

1

redz hub.lua

windows11-21h2-x64

Resubmissions

05-01-2025 15:41

250105-s4qhgaykaw 3

04-01-2025 17:05

250104-vl4ngsyld1 10

04-01-2025 16:52

250104-vdkkmszpbm 10

04-01-2025 16:51

250104-vc55yszpak 1

Sharing

General

Target

redz hub.lua
Size

110B
Sample

250104-vl4ngsyld1
MD5

e64dc7639631f60e56ddf2ee462c73f3
SHA1

797012686a77f6b68860e26ab692fb5e5dd56190
SHA256

cf09c4bec1494405fa4c5c2a499cb8e17ac5bd8e31a65e0612c13c41ad8ab457
SHA512

b74992a1da0260565a52f5a7daf93a48199efdec57db36a8e08e1efb06aca815ef1cfac19928ec25127fa8390fce09996a407ed8dc5dd210ef49c9de942d6fdf

Score

10^/10

defense_evasion discovery evasion ransomware trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

redz hub.lua

Resource

win11-20241007-en

defense_evasion discovery evasion ransomware trojan upx

windows11-21h2-x64

28 signatures

900 seconds

Malware Config

Targets

- Target
  
  redz hub.lua
- Size
  
  110B
- MD5
  
  e64dc7639631f60e56ddf2ee462c73f3
- SHA1
  
  797012686a77f6b68860e26ab692fb5e5dd56190
- SHA256
  
  cf09c4bec1494405fa4c5c2a499cb8e17ac5bd8e31a65e0612c13c41ad8ab457
- SHA512
  
  b74992a1da0260565a52f5a7daf93a48199efdec57db36a8e08e1efb06aca815ef1cfac19928ec25127fa8390fce09996a407ed8dc5dd210ef49c9de942d6fdf
Score

10^/10

defense_evasion discovery evasion ransomware trojan upx
- UAC bypass
  evasion trojan
- Disables Task Manager via registry modification
  evasion
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Sets desktop wallpaper using registry
  ransomware
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

defense_evasiondiscoveryevasionransomwaretrojanupx

© 2018-2025

Terms | Privacy