a525b63ed45e81cc66845ac9a677d5e3e46515b69e3d7634b95f4aaeeee385df | Triage

Submit
Reports

Overview

overview

7

Static

static

7

uTorrent 3...ee).7z

windows11-21h2-x64

7

Resubmissions

29/03/2025, 02:01 UTC

250329-cfmtnsxpt6 7

28/03/2025, 23:06 UTC

250328-23dxqatshz 7

Sharing

General

Target

uTorrent 3.5.5 Build 46514 (Ad-free).7z
Size

12.0MB
Sample

250329-cfmtnsxpt6
MD5

b20438abc6a0246e971b9423dcd321e0
SHA1

e7c1fa97427cf5c8e8c0aca9c5c015736ec97c68
SHA256

a525b63ed45e81cc66845ac9a677d5e3e46515b69e3d7634b95f4aaeeee385df
SHA512

52974adc3e255aa984dde644e4c882ff6de5bf8e5cab2bbdfd84957415ead1fe6a91d31e0c5734b0b6ed6404e79a970797234b469fc5f53792373f26e70168b0
SSDEEP

196608:QQRCOt/SUOJSzqtHSwBbUGpWF0Jhs9uISyi6CiZvvbQN/jRw+MjBqmnTNz0m0brp:dcOt/FaHbZpRh/IqJiVDe/jRA8uTN105

Score

7^/10

defense_evasion discovery upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

uTorrent 3.5.5 Build 46514 (Ad-free).7z

Resource

win11-20250313-en

defense_evasion discovery upx

windows11-21h2-x64

24 signatures

150 seconds

Malware Config

Targets

- Target
  
  uTorrent 3.5.5 Build 46514 (Ad-free).7z
- Size
  
  12.0MB
- MD5
  
  b20438abc6a0246e971b9423dcd321e0
- SHA1
  
  e7c1fa97427cf5c8e8c0aca9c5c015736ec97c68
- SHA256
  
  a525b63ed45e81cc66845ac9a677d5e3e46515b69e3d7634b95f4aaeeee385df
- SHA512
  
  52974adc3e255aa984dde644e4c882ff6de5bf8e5cab2bbdfd84957415ead1fe6a91d31e0c5734b0b6ed6404e79a970797234b469fc5f53792373f26e70168b0
- SSDEEP
  
  196608:QQRCOt/SUOJSzqtHSwBbUGpWF0Jhs9uISyi6CiZvvbQN/jRw+MjBqmnTNz0m0brp:dcOt/FaHbZpRh/IqJiVDe/jRA8uTN105
Score

7^/10

defense_evasion discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  defense_evasion
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.