Overview

overview

8

Static

static

Loader (1).exe

windows7_x64

8

Loader (1).exe

windows10_x64

5

Resubmissions

21-04-2021 16:56

210421-gxbrzlkjp2 8

21-04-2021 16:54

210421-8aj3zkt3ae 5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Loader (1).exe

  • Size

    4.8MB

  • Sample

    210421-gxbrzlkjp2

  • MD5

    9318be7e6583a4f641c4cbedc643f565

  • SHA1

    1e7a9b1764625b5625e408f865c44a4dc32e9300

  • SHA256

    7ac26057a7a4a5e5c9a4c7de8b8df8faff0010a46ab02fc26536f55d7ce0b02a

  • SHA512

    dec6d54d79195f4485e170ba09b9b5dac5ed45620942ee74e092bafbaa7ac247b1c5a485a280a7a0f85784cab80712092ddb7ca51a8e7541f217a42df2abeddd

Score
8/10
persistence

Malware Config

Targets

    • Target

      Loader (1).exe

    • Size

      4.8MB

    • MD5

      9318be7e6583a4f641c4cbedc643f565

    • SHA1

      1e7a9b1764625b5625e408f865c44a4dc32e9300

    • SHA256

      7ac26057a7a4a5e5c9a4c7de8b8df8faff0010a46ab02fc26536f55d7ce0b02a

    • SHA512

      dec6d54d79195f4485e170ba09b9b5dac5ed45620942ee74e092bafbaa7ac247b1c5a485a280a7a0f85784cab80712092ddb7ca51a8e7541f217a42df2abeddd

    Score
    8/10
    persistence

    • Modifies Installed Components in the registry

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks