8100b701682e9fb7c4165631216913054e2e201f4cd63274ff1151ade42098c9 | Triage

Submit
Reports

Overview

overview

7

Static

static

Purchase Order.exe

windows7_x64

7

Purchase Order.exe

windows10_x64

3

Sharing

General

Target

Purchase Order
Size

796KB
Sample

200708-j3emr8ml92
MD5

9c855254c998da988ee359119c6bfbcd
SHA1

4e673163f312fb8334c93c5ab1bf7fd7e7f81f9c
SHA256

8100b701682e9fb7c4165631216913054e2e201f4cd63274ff1151ade42098c9
SHA512

715d61ab364cd879c4da76732a8cdafcf2ccd80be2330a00b1dc6580c62a5996b85b4469c9ca6bbb276208118114f1f1b5bf77f7cd6dc0023a92f8633cbb62a4

Score

7^/10

evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

Purchase Order.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Purchase Order.exe

Resource

win10v200430

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Purchase Order
- Size
  
  796KB
- MD5
  
  9c855254c998da988ee359119c6bfbcd
- SHA1
  
  4e673163f312fb8334c93c5ab1bf7fd7e7f81f9c
- SHA256
  
  8100b701682e9fb7c4165631216913054e2e201f4cd63274ff1151ade42098c9
- SHA512
  
  715d61ab364cd879c4da76732a8cdafcf2ccd80be2330a00b1dc6580c62a5996b85b4469c9ca6bbb276208118114f1f1b5bf77f7cd6dc0023a92f8633cbb62a4
Score

7^/10

evasion trojan
- Deletes itself
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy