8444fb3b56e5ce9643786f9663e364d9a3bb926efe3395485053450950fe8df8 | Triage

Submit
Reports

Overview

overview

7

Static

static

PK2Om5k-ju...FQ.exe

windows7_x64

7

PK2Om5k-ju...FQ.exe

windows10_x64

3

Sharing

General

Target

PK2Om5k-july2020-RFQ.exe
Size

655KB
Sample

200711-szp51xgmbs
MD5

7a95ab7ac86df9e25dba3f7a4004b137
SHA1

0809fc325af70e81bfdbf73579abfb9752224471
SHA256

8444fb3b56e5ce9643786f9663e364d9a3bb926efe3395485053450950fe8df8
SHA512

ec1f5df66b39d670720b13f49ab1dd03f79df619e7fc838a84e04d576ea24d2a7a4a7e88965d3001258d5abbe0016e557d9f4815d193ae851a61385b1f522f5c

Score

7^/10

evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

PK2Om5k-july2020-RFQ.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PK2Om5k-july2020-RFQ.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  PK2Om5k-july2020-RFQ.exe
- Size
  
  655KB
- MD5
  
  7a95ab7ac86df9e25dba3f7a4004b137
- SHA1
  
  0809fc325af70e81bfdbf73579abfb9752224471
- SHA256
  
  8444fb3b56e5ce9643786f9663e364d9a3bb926efe3395485053450950fe8df8
- SHA512
  
  ec1f5df66b39d670720b13f49ab1dd03f79df619e7fc838a84e04d576ea24d2a7a4a7e88965d3001258d5abbe0016e557d9f4815d193ae851a61385b1f522f5c
Score

7^/10

evasion trojan
- Deletes itself
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy