Overview

overview

10

Static

static

7

capa.exe

windows10_x64

10

Resubmissions

10-07-2021 18:41

210710-epgrxwjdts 10

10-07-2021 18:20

210710-aqkx8q14hs 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    t.zip

  • Size

    20.8MB

  • Sample

    210710-epgrxwjdts

  • MD5

    c4da75166b81124096d73f936101a14f

  • SHA1

    87508072305c4d6c0e2674f025c874fc178787c6

  • SHA256

    3bcfcd54895c4705b8cab8118731e1c871c7177cc5d60262a624f644ca3770f8

  • SHA512

    b903d3d094080ca05280c1dd39264a77a814209cf437bef406c8f9c748ff0f2b1e7e5459388cc2cb05dee82020cc4b75a3dac7cad25bfc666069f2cbffbbcd21

Score
10/10
pyinstallerthemida

Malware Config

Targets

    • Target

      capa.exe

    • Size

      17.0MB

    • MD5

      4051dc738e3292a31ff4529009af59d0

    • SHA1

      7058f538887a0b87a3b749f55fb36cf4be2cfdf8

    • SHA256

      83e2c4e92c50812a4abe6eb1c586a0db0eac88ad700a0d85cc389205c6849616

    • SHA512

      087fbb2ce4849472dcee6756d37e2eca2c181b6d18c1280c7fde20f576dbe90cad47b0b36d299a0d9c2b2bb9af545695fb5bd3f2b69b34c3ae275b1efae7025e

    Score
    10/10

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Loads dropped DLL

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks