Overview

overview

7

Static

static

Purchase o...32.exe

windows7_x64

7

Purchase o...32.exe

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Purchase order- 932.exe

  • Size

    551KB

  • Sample

    200710-zx4ffytx8a

  • MD5

    21c6a2f2c3517d9180799fc892758630

  • SHA1

    231126b687dfc1d0c9a433ced44a0ff500670a64

  • SHA256

    12027e9572326109ce9621432da2ff4b5f170ffaec2aa118a492349f2c320c4e

  • SHA512

    c86516123f7ac464cf7d7027ce5ad889a38d5c8b4f7ad34fd3c3cf3cc300fdee53b6e9839a638725b773ff29cafd1f70147b42187fa15ca7acae8db00884b6ce

Score
7/10
evasiontrojan

Malware Config

Targets

    • Target

      Purchase order- 932.exe

    • Size

      551KB

    • MD5

      21c6a2f2c3517d9180799fc892758630

    • SHA1

      231126b687dfc1d0c9a433ced44a0ff500670a64

    • SHA256

      12027e9572326109ce9621432da2ff4b5f170ffaec2aa118a492349f2c320c4e

    • SHA512

      c86516123f7ac464cf7d7027ce5ad889a38d5c8b4f7ad34fd3c3cf3cc300fdee53b6e9839a638725b773ff29cafd1f70147b42187fa15ca7acae8db00884b6ce

    Score
    7/10
    evasiontrojan

    • Deletes itself

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks