General

  • Target

    New Purchase Order # DS2192472-14 & 135913.exe

  • Size

    403KB

  • Sample

    200709-yyddxz4erj

  • MD5

    b5b940f3a5c44f7c568f55e711bd4e22

  • SHA1

    4b81fd2ae56891dd623dd18bdb1bac1627f720da

  • SHA256

    53a076f12f6d31f5d0ddbb7a9c061dfd29516342b0102504f60341e363636eb8

  • SHA512

    ee4c712e7448c73e78880a20637feb4f39365e5b57faae981802ed5a878811e973becc6626a6ae18784d646a8049fff17498f29c0a5d971e6b524e3f2fec1e72

Score
5/10

Malware Config

Targets

    • Target

      New Purchase Order # DS2192472-14 & 135913.exe


    Score
    5/10
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

  • Execution

    Scheduled Task (T1053), 1

  • Persistence

    Scheduled Task (T1053), 1

  • Privilege Escalation

    Scheduled Task (T1053), 1

Tasks