c0dfbb822dea47692a8ed0d266c518495f1a3efd3a4208fb5251bcdf08f18d42 | Triage

Submit
Reports

Overview

overview

8

Static

static

sphinx_1.0...ir.exe

windows7_x64

8

sphinx_1.0...ir.exe

windows10_x64

8

Sharing

General

Target

sphinx_1.0.2.0.vir
Size

1.5MB
Sample

200719-qgt4bvy3n6
MD5

03daacbdcdd8b7a202fd3d4c56ca3bf4
SHA1

8625c393222f587074feee1af1c6e4807faea43f
SHA256

c0dfbb822dea47692a8ed0d266c518495f1a3efd3a4208fb5251bcdf08f18d42
SHA512

775dcd98efc7d5f955734e65cd156b61f4740740746669305a4c9712d197564e016f77da5d6c5fab244e78eb9efb2df58266fcaf61e89c5e3ad6a3e2e4a4acaa

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

sphinx_1.0.2.0.vir.exe

Resource

win7

upx persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

sphinx_1.0.2.0.vir.exe

Resource

win10v200430

upx persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  sphinx_1.0.2.0.vir
- Size
  
  1.5MB
- MD5
  
  03daacbdcdd8b7a202fd3d4c56ca3bf4
- SHA1
  
  8625c393222f587074feee1af1c6e4807faea43f
- SHA256
  
  c0dfbb822dea47692a8ed0d266c518495f1a3efd3a4208fb5251bcdf08f18d42
- SHA512
  
  775dcd98efc7d5f955734e65cd156b61f4740740746669305a4c9712d197564e016f77da5d6c5fab244e78eb9efb2df58266fcaf61e89c5e3ad6a3e2e4a4acaa
Score

8^/10

upx persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy