29c4de280ceb33f0e9374185fad275661979f9a787b5517dee6dd3b7679628d8 | Triage

Submit
Reports

Overview

overview

9

Static

static

5560c8468e...36.exe

windows7_x64

8

5560c8468e...36.exe

windows10_x64

9

Sharing

General

Target

5560c8468ec7ad1cd3c87530cfac9c36
Size

11.1MB
Sample

201117-ychhzmcymx
MD5

8ab4edb11fd7f47955924fb1b1445482
SHA1

4f9e86ae3fa5f8be3d6b9b8db937c2b73359fee9
SHA256

29c4de280ceb33f0e9374185fad275661979f9a787b5517dee6dd3b7679628d8
SHA512

effca221a5c59d61089529b6909321cac49446f5344c5835e6a77d515fcea967c2279122476b92e198c7b4719b9085e0586995a4767e321aea24aa4f25f9868c

Score

9^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

5560c8468ec7ad1cd3c87530cfac9c36.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5560c8468ec7ad1cd3c87530cfac9c36.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  5560c8468ec7ad1cd3c87530cfac9c36
- Size
  
  11.1MB
- MD5
  
  8ab4edb11fd7f47955924fb1b1445482
- SHA1
  
  4f9e86ae3fa5f8be3d6b9b8db937c2b73359fee9
- SHA256
  
  29c4de280ceb33f0e9374185fad275661979f9a787b5517dee6dd3b7679628d8
- SHA512
  
  effca221a5c59d61089529b6909321cac49446f5344c5835e6a77d515fcea967c2279122476b92e198c7b4719b9085e0586995a4767e321aea24aa4f25f9868c
Score

9^/10

discovery
- ServiceHost packer
  Detects ServiceHost packer used for .NET malware
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy