Overview

overview

7

Static

static

Payment Invoice.exe

windows7_x64

7

Payment Invoice.exe

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Payment Invoice.exe

  • Size

    336KB

  • Sample

    200708-zwv8xvx3na

  • MD5

    22997b8feb197ffc197b427c00c28f14

  • SHA1

    74e8887e1629767090f7ed4e3f8abd92e718819f

  • SHA256

    44703eacf8321a8fd05283f755a781a7cb17a55961159ab28d570c2196a79eb7

  • SHA512

    d80e15c042f71675ccf50b93201aac64722c5b6a844c9c19e79eb330eda5c4e4fa09052a33399da3a6889779a823b4f824f442ba28594e790c3d254d9ab16477

Score
7/10
evasiontrojan

Malware Config

Targets

    • Target

      Payment Invoice.exe

    • Size

      336KB

    • MD5

      22997b8feb197ffc197b427c00c28f14

    • SHA1

      74e8887e1629767090f7ed4e3f8abd92e718819f

    • SHA256

      44703eacf8321a8fd05283f755a781a7cb17a55961159ab28d570c2196a79eb7

    • SHA512

      d80e15c042f71675ccf50b93201aac64722c5b6a844c9c19e79eb330eda5c4e4fa09052a33399da3a6889779a823b4f824f442ba28594e790c3d254d9ab16477

    Score
    7/10
    evasiontrojan

    • Deletes itself

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks