Overview

overview

10

Static

static

10

7d7c44f9c5...7f.exe

windows7_x64

1

7d7c44f9c5...7f.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7d7c44f9c577c0af913d905b51797f17399d650de0331885abc8828c2696d37f

  • Size

    72KB

  • Sample

    220131-3t5vhsdfgm

  • MD5

    b7d38d7cb31b61b7baadb5c9b526ba15

  • SHA1

    92e2568ae3c8c3198ea2dd656821d6ba473835df

  • SHA256

    7d7c44f9c577c0af913d905b51797f17399d650de0331885abc8828c2696d37f

  • SHA512

    b3664b33a224148bae9e395164ad3e1668bacceb0c69a6299d05ec49bcef4998528d1b131e6a5fdcdd286067891a52e83cbdf8e7ee33094799fca0da4760dad8

Score
10/10
nefilimpersistence

Malware Config

Targets

    • Target

      7d7c44f9c577c0af913d905b51797f17399d650de0331885abc8828c2696d37f

    • Size

      72KB

    • MD5

      b7d38d7cb31b61b7baadb5c9b526ba15

    • SHA1

      92e2568ae3c8c3198ea2dd656821d6ba473835df

    • SHA256

      7d7c44f9c577c0af913d905b51797f17399d650de0331885abc8828c2696d37f

    • SHA512

      b3664b33a224148bae9e395164ad3e1668bacceb0c69a6299d05ec49bcef4998528d1b131e6a5fdcdd286067891a52e83cbdf8e7ee33094799fca0da4760dad8

    Score
    10/10
    persistence

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Sets service image path in registry

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks