63e8a3a963a126765ce19680e9620e3df0fc985fdd03d6c1b9e3542dcae069d4 | Triage

Sharing

General

Target

Tender.exe
Size

6.8MB
Sample

210810-pkxalz65pa
MD5

2e723f89f1a786d41bcc0e9d6eee3790
SHA1

4699d5940794fa3a65e718622b1a072a9e53eaaf
SHA256

63e8a3a963a126765ce19680e9620e3df0fc985fdd03d6c1b9e3542dcae069d4
SHA512

e764ae51881a6cdacb3d26d8322cf9643ac64596827d416927b53eb3ee995c05aaad6a39fd5f01ec7f4b136cc229efbf35e6bccb5591dd407fd4941ccdb09244

Score

10^/10

persistence pyinstaller suricata

Malware Config

Targets

- Target
  
  Tender.exe
- Size
  
  6.8MB
- MD5
  
  2e723f89f1a786d41bcc0e9d6eee3790
- SHA1
  
  4699d5940794fa3a65e718622b1a072a9e53eaaf
- SHA256
  
  63e8a3a963a126765ce19680e9620e3df0fc985fdd03d6c1b9e3542dcae069d4
- SHA512
  
  e764ae51881a6cdacb3d26d8322cf9643ac64596827d416927b53eb3ee995c05aaad6a39fd5f01ec7f4b136cc229efbf35e6bccb5591dd407fd4941ccdb09244
Score

10^/10

persistence suricata
- suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
  suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
  suricata
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

persistencesuricata