Overview

overview

7

task1

 

7

task2

 

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Exes_2546d43ecb8915501e90daa68384b540.exe

  • Size

    848KB

  • Sample

    190730-exdcm5lkan

  • MD5

    2546d43ecb8915501e90daa68384b540

  • SHA1

    dbc41fa640aee45d087eb4756c85970a82fc8d5a

  • SHA256

    354e55646aac2f77be4c0003d8c30952fbbb75cb77edbb0038b94381e5e65128

  • SHA512

    9646eae11d91c8874e06e0a7392c4064f342a4008648251352673c1fde9172aeb411ee631eba8c2ad9a1d571f285e2d199931e14dc832f577ff43d7758da9e4d

Score
N/A

Malware Config

Targets

    • Target

      Exes_2546d43ecb8915501e90daa68384b540.exe

    • Size

      848KB

    • MD5

      2546d43ecb8915501e90daa68384b540

    • SHA1

      dbc41fa640aee45d087eb4756c85970a82fc8d5a

    • SHA256

      354e55646aac2f77be4c0003d8c30952fbbb75cb77edbb0038b94381e5e65128

    • SHA512

      9646eae11d91c8874e06e0a7392c4064f342a4008648251352673c1fde9172aeb411ee631eba8c2ad9a1d571f285e2d199931e14dc832f577ff43d7758da9e4d

    Score
    N/A

    • program_crash

    • Suspicious use of SetThreadContext

    task1task2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hooking

1
T1179

Privilege Escalation

Access Token Manipulation

1
T1134

Process Injection

3
T1055

Hooking

1
T1179

Defense Evasion

Access Token Manipulation

1
T1134

Process Injection

3
T1055

Obfuscated Files or Information

1
T1027

Credential Access

Hooking

1
T1179

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks