4714D68DBB9F9AC36425F2EC73ED434CF57407F36063C.exe

General
Target

4714D68DBB9F9AC36425F2EC73ED434CF57407F36063C.exe

Size

660KB

Sample

210611-4816xnbb1j

Score

8/10

MD5

4df9b2c6531cde226bf1b0ae86d41162

SHA1

9a42c49714905ea1e5f042a683fd80ecff10fc87

SHA256

4714d68dbb9f9ac36425f2ec73ed434cf57407f36063c391e0bfbb9d0b96bbf9

SHA512

292edf0d733d05b3b725ea00414299c6ccec8d50da9e0ce3d50cafbf4144e87d3e62dcdadb11a2b139e39f8a72cb5e394bd108e6d4413517cca459079df6ba8d

Malware Config
Tags

Signatures

  • Executes dropped EXE

  • Drops startup file

  • Adds Run key to start application

    TTPs: Registry Run Keys / Startup Folder; Modify Registry

  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Privilege Escalation

Tasks

static1

behavioral1

8/10

behavioral2

8/10