Overview

overview

10

Static

static

championship.inf.dll

windows7_x64

10

championship.inf.dll

windows10_x64

10

Resubmissions

15-09-2021 06:42

210915-hgtlhadaer 10

14-09-2021 08:06

210914-jzwz1sacfj 10

10-09-2021 11:57

210910-n4w8ssdbdp 10

08-09-2021 11:10

210908-m965hshefk 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    championship.inf

  • Size

    2.0MB

  • Sample

    210915-hgtlhadaer

  • MD5

    0b7da6388091ff9d696a18c95d41b587

  • SHA1

    6c10d7d88606ac1afd30b4e61bf232329a276cdc

  • SHA256

    6eedf45cb91f6762de4e35e36bcb03e5ad60ce9ac5a08caeb7eda035cd74762b

  • SHA512

    45b26e8f9885dca6f4e1984fc39cb4c2a5b5988c970f35dde987b7a5a8417acbe5e972a6602071e903425f91a9095c7c289e574c3bad3039324185ad85d06a9a

Score
10/10

Malware Config

Targets

    • Target

      championship.inf

    • Size

      2.0MB

    • MD5

      0b7da6388091ff9d696a18c95d41b587

    • SHA1

      6c10d7d88606ac1afd30b4e61bf232329a276cdc

    • SHA256

      6eedf45cb91f6762de4e35e36bcb03e5ad60ce9ac5a08caeb7eda035cd74762b

    • SHA512

      45b26e8f9885dca6f4e1984fc39cb4c2a5b5988c970f35dde987b7a5a8417acbe5e972a6602071e903425f91a9095c7c289e574c3bad3039324185ad85d06a9a

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks