General

  • Target

    4714D68DBB9F9AC36425F2EC73ED434CF57407F36063C.exe

  • Size

    660KB

  • Sample

    210611-4816xnbb1j

  • MD5

    4df9b2c6531cde226bf1b0ae86d41162

  • SHA1

    9a42c49714905ea1e5f042a683fd80ecff10fc87

  • SHA256

    4714d68dbb9f9ac36425f2ec73ed434cf57407f36063c391e0bfbb9d0b96bbf9

  • SHA512

    292edf0d733d05b3b725ea00414299c6ccec8d50da9e0ce3d50cafbf4144e87d3e62dcdadb11a2b139e39f8a72cb5e394bd108e6d4413517cca459079df6ba8d

Score
8/10

Malware Config

Targets

    • Target

      4714D68DBB9F9AC36425F2EC73ED434CF57407F36063C.exe

    Score
    8/10
    • Executes dropped EXE

    • Drops startup file

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence: Registry Run Keys / Startup Folder, T1060 (1 signature; T1060 was retired in ATT&CK v7 and is T1547.001 in current versions)

  • Defense Evasion: Modify Registry, T1112 (1 signature)

  • Discovery: System Information Discovery, T1082 (1 signature)
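
The signatures and ATT&CK mappings above turned into detection logic, as an added example that is not part of the sandbox report: it runs over a few constructed Sysmon-style events (EventID 1 process create, 11 file create, 13 registry value set) and emits one alert per matching behaviour, tagged with the ATT&CK v6 ID the report uses. Field names follow Sysmon's schema, but the events, paths, SID and the dropped file name svchost.exe are made up; only the SHA256 comes from the report. The SetThreadContext signature is not covered because Sysmon does not log that call.

```python
"""Detection logic for the behaviours flagged in the report (added example).

Runs over a list of constructed Sysmon-style events and returns one Alert per
behaviour: Run-key persistence, Startup-folder drop, execution of a file that
was written earlier in the trace, and a SHA256 match against the report's IOC.
"""
import re
from dataclasses import dataclass

# SHA256 of the analysed sample, taken from the report.
IOC_SHA256 = "4714d68dbb9f9ac36425f2ec73ed434cf57407f36063c391e0bfbb9d0b96bbf9"

# Run / RunOnce under HKLM or HKU; the registry hive prefix does not matter.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
# Per-user or all-users Startup folder.
STARTUP_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)


@dataclass
class Alert:
    technique: str   # ATT&CK v6 ID from the report, "IOC" for a hash hit, "-" if none
    title: str       # same wording as the report's signature list
    pid: int         # ProcessId of the event that triggered the alert


def parse_hashes(field: str) -> dict:
    """Sysmon's 'Hashes' field is 'ALG=hex,ALG=hex'; return {alg_lower: hex_lower}."""
    out = {}
    for part in field.split(","):
        if "=" in part:
            alg, val = part.split("=", 1)
            out[alg.strip().lower()] = val.strip().lower()
    return out


def detect(events: list) -> list:
    """Single pass over the trace; file creates are remembered so a later
    process create whose Image was written in-trace counts as a dropped EXE."""
    alerts = []
    dropped = set()  # lower-cased paths of files written during the trace
    for ev in events:
        eid, pid = ev["EventID"], ev["ProcessId"]
        if eid == 11:
            target = ev["TargetFilename"]
            dropped.add(target.lower())
            if STARTUP_RE.search(target):
                alerts.append(Alert("T1060", "Drops startup file", pid))
        elif eid == 13:
            # Writing under Run also satisfies T1112 (Modify Registry); we tag
            # it with the persistence technique because that is the intent.
            if RUN_KEY_RE.search(ev["TargetObject"]):
                alerts.append(Alert("T1060", "Adds Run key to start application", pid))
        elif eid == 1:
            image = ev["Image"].lower()
            if parse_hashes(ev.get("Hashes", "")).get("sha256") == IOC_SHA256:
                alerts.append(Alert("IOC", "Known sample SHA256", pid))
            if image.endswith(".exe") and image in dropped:
                alerts.append(Alert("-", "Executes dropped EXE", pid))
    return alerts


# Constructed trace: the sample runs, drops svchost.exe into AppData, writes a
# Startup-folder shortcut and a Run value pointing at it, then launches it.
# A benign notepad.exe start is included as a negative case.
SAMPLE_NAME = r"C:\Users\victim\Downloads\4714D68DBB9F9AC36425F2EC73ED434CF57407F36063C.exe"
DROPPED_EXE = r"C:\Users\victim\AppData\Roaming\svchost.exe"
SAMPLE_EVENTS = [
    {"EventID": 1, "ProcessId": 4120, "Image": SAMPLE_NAME,
     "ParentImage": r"C:\Windows\explorer.exe",
     "Hashes": "SHA256=" + IOC_SHA256.upper() + ",MD5=4DF9B2C6531CDE226BF1B0AE86D41162"},
    {"EventID": 11, "ProcessId": 4120, "Image": SAMPLE_NAME,
     "TargetFilename": DROPPED_EXE},
    {"EventID": 11, "ProcessId": 4120, "Image": SAMPLE_NAME,
     "TargetFilename": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows"
                       r"\Start Menu\Programs\Startup\svchost.lnk"},
    {"EventID": 13, "ProcessId": 4120, "Image": SAMPLE_NAME,
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
                     r"\Software\Microsoft\Windows\CurrentVersion\Run\svchost",
     "Details": DROPPED_EXE},
    {"EventID": 1, "ProcessId": 4388, "Image": DROPPED_EXE, "ParentImage": SAMPLE_NAME,
     "Hashes": "SHA256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},
    {"EventID": 1, "ProcessId": 4502, "Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "Hashes": "SHA256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},
]


def run_sample() -> list:
    return detect(SAMPLE_EVENTS)


if __name__ == "__main__":
    for a in run_sample():
        print(f"{a.technique:6} pid={a.pid} {a.title}")
```

The dropped-file check is deliberately an exact-path match against files created earlier in the same trace rather than a "runs from AppData" heuristic, which keeps it quiet on legitimate per-user installers; on real Sysmon data the same logic applies per host after joining events on ProcessId.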
