General
Target: upx.exe
Size: 8.2MB
Sample: 240706-1k1hbswdpg
MD5: 33f35eeb6c16de7830674e2be6d3aaa3
SHA1: 0a844635db14359af6ad959e540c7a05cea98ca8
SHA256: 20f7cdf6481cb24fcc3c4bb8b091bd88d5bdb04b22b5234b82c34369000c082b
SHA512: 0a43a7a78a8386844a1f09212e874cf8feffd0ddd540387ec4d48d87f3a8184d5a6b1e9c18cada1545b2471101632b70f176b3d9b70545cd67d3300465993788
SSDEEP: 196608:ifC9/urErvI9pWjgaAnajMsbSEo2KfQC//OoNmUu:L9/urEUWjJjIflo4jNvu

Behavioral task: behavioral1
Sample: upx.exe
Resource: win7-20240705-en

Behavioral task: behavioral2
Sample: upx.exe
Resource: win10v2004-20240704-en

Malware Config

Targets
Target: upx.exe
Size: 8.2MB
MD5: 33f35eeb6c16de7830674e2be6d3aaa3
SHA1: 0a844635db14359af6ad959e540c7a05cea98ca8
SHA256: 20f7cdf6481cb24fcc3c4bb8b091bd88d5bdb04b22b5234b82c34369000c082b
SHA512: 0a43a7a78a8386844a1f09212e874cf8feffd0ddd540387ec4d48d87f3a8184d5a6b1e9c18cada1545b2471101632b70f176b3d9b70545cd67d3300465993788
SSDEEP: 196608:ifC9/urErvI9pWjgaAnajMsbSEo2KfQC//OoNmUu:L9/urEUWjJjIflo4jNvu

- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.