Overview

overview

8

Static

static

LITEJY_v1....5 .exe

windows7_x64

8

LITEJY_v1....5 .exe

windows10_x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    LITEJY_v1.3.20210105 .rar

  • Size

    6.9MB

  • Sample

    210113-z3l8zf1rmx

  • MD5

    c0137d21b06bc111efbc0b7883bed639

  • SHA1

    1182a70b605930039e1779620fac461a08ff387e

  • SHA256

    11e7270f427aa3ec487d380d7dd07023f516bd201bfbf342b46b075ef420b11b

  • SHA512

    09c4e4975f94eb39c1b059cb6d3582bca4a97683c7af5ad710ff6fb45e2b42ef852ae3da3e2aaf7eeefb70486c96de60f29eff47bf29310df32f1e75d265e85c

Score
8/10
evasion

Malware Config

Targets

    • Target

      LITEJY_v1.3.20210105 .exe

    • Size

      7.1MB

    • MD5

      758bbbd2e255c1aa72357ad76d63567a

    • SHA1

      af4d310743bba94383f6279f1ff934708731e1cf

    • SHA256

      00e23f66ad8beb0186dba445a6d846c878ff95c312424fc95a3ceffc0780de6a

    • SHA512

      3a796cab3b9fca224f78b3011cade3c053c967446d6ca8a123e6777ade43e009be3165ddd0cafb74a4558102bfdb30496313a952025c61f696fe7cd3f6cc4e21

    Score
    8/10
    evasion

    • Stops running service(s)

      evasion

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Disabling Security Tools

1
T1089

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

1
T1489

Tasks