332e105954e8c17225ff83ed61414ab849f3157d6524fb59d431d0e7be4ef941 | Triage

Submit
Reports

Overview

overview

Static

static

8

Handicapping.exe

windows10_x64

Sharing

General

Target

Handicapping.exe
Size

120KB
Sample

211205-zhfvgaffg2
MD5

60d5e78626f9961a87998315f18fc686
SHA1

2bdfc1f3a83bf15de8439b5846079ef0f560f30f
SHA256

332e105954e8c17225ff83ed61414ab849f3157d6524fb59d431d0e7be4ef941
SHA512

382a1e24421f1434fc4d8162ecbd3f0cbf7a888b5fb86a96cdf732d2a670c70e7e0b4e0ced7f4db321efdcf2959bc4d7da05c78cfea8f091f25e002bda583877

Score

10^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

Handicapping.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Handicapping.exe
- Size
  
  120KB
- MD5
  
  60d5e78626f9961a87998315f18fc686
- SHA1
  
  2bdfc1f3a83bf15de8439b5846079ef0f560f30f
- SHA256
  
  332e105954e8c17225ff83ed61414ab849f3157d6524fb59d431d0e7be4ef941
- SHA512
  
  382a1e24421f1434fc4d8162ecbd3f0cbf7a888b5fb86a96cdf732d2a670c70e7e0b4e0ced7f4db321efdcf2959bc4d7da05c78cfea8f091f25e002bda583877
Score

10^/10

persistence
- Suspicious use of NtCreateProcessExOtherParentProcess
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy