Overview

overview

10

Static

static

10

674ad8128d...9c.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    674ad8128d17418474a2b4615da81c935d4d7f9c

  • Size

    160KB

  • Sample

    220128-vzydmahed8

  • MD5

    9716372508103ef6a050c0de6685c3a1

  • SHA1

    674ad8128d17418474a2b4615da81c935d4d7f9c

  • SHA256

    ae9600cb391f447933e29069ca3000bb61a005d58fe14eb84fd830403221e48f

  • SHA512

    6738de8f90602772486519971669c96a180d11a523c2870b34e94d93e5c5171769c26459d93cf220b44a6924b01aff485e9e4f1dddc817cb758992575ab62aed

Score
10/10
sodinokibipersistence

Malware Config

Targets

    • Target

      674ad8128d17418474a2b4615da81c935d4d7f9c

    • Size

      160KB

    • MD5

      9716372508103ef6a050c0de6685c3a1

    • SHA1

      674ad8128d17418474a2b4615da81c935d4d7f9c

    • SHA256

      ae9600cb391f447933e29069ca3000bb61a005d58fe14eb84fd830403221e48f

    • SHA512

      6738de8f90602772486519971669c96a180d11a523c2870b34e94d93e5c5171769c26459d93cf220b44a6924b01aff485e9e4f1dddc817cb758992575ab62aed

    Score
    10/10
    persistence

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Sets service image path in registry

      persistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks