General

  • Target

    Exes_1e7d7ed6b123cd4d6bf846f7f5672ab5.exe

  • Size

    650KB

  • Sample

    190801-vtp4wjvh3j

  • MD5

    1e7d7ed6b123cd4d6bf846f7f5672ab5

  • SHA1

    9115913058c1b392dfc95e3ecbd8d572abdc0928

  • SHA256

    55197b221b742624fe02c92ca89485fd67180a0feec6fd5ea794d3d388178ddd

  • SHA512

    1420c31c06dab2eb75fc052d0d897ba561181c6a1d2b4580a9b88f37f58f17184a445bda23f2fd714f754cc9e1aba621512a30e2ca92f73e6009c68914ad5ec2

Score
N/A

Targets

    • Target

      Exes_1e7d7ed6b123cd4d6bf846f7f5672ab5.exe

    Score
    N/A
    • Modifies Winlogon for persistence

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext
