netwalker | b67bc1d9c7fe0672a79076e1546827e0642901cd62f7795d7a403bc3ba4a7117 | Triage

Submit
Reports

Overview

overview

Static

static

b67bc1d9c7...17.exe

windows7_x64

3

b67bc1d9c7...17.exe

windows10-2004_x64

Sharing

General

Target

b67bc1d9c7fe0672a79076e1546827e0642901cd62f7795d7a403bc3ba4a7117
Size

80KB
Sample

220201-bsm5jafcb3
MD5

9001dfa8d69dd4e8343c164280de8535
SHA1

6a53797d6df4d1ac52a9526dbdc6c5f1fb371933
SHA256

b67bc1d9c7fe0672a79076e1546827e0642901cd62f7795d7a403bc3ba4a7117
SHA512

c2c57af584b6dbae53f1b392cb740fc1342490c31c3ee949e6fe7cbcb58b4390bd6d2408499594c14e3e1d1ce25564186a13f509db12ee3c8bae06f9fdca5a5a

Score

10^/10

netwalker persistence

Static task

static1

Behavioral task

behavioral1

Sample

b67bc1d9c7fe0672a79076e1546827e0642901cd62f7795d7a403bc3ba4a7117.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b67bc1d9c7fe0672a79076e1546827e0642901cd62f7795d7a403bc3ba4a7117.exe

Resource

win10v2004-en-20220112

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  b67bc1d9c7fe0672a79076e1546827e0642901cd62f7795d7a403bc3ba4a7117
- Size
  
  80KB
- MD5
  
  9001dfa8d69dd4e8343c164280de8535
- SHA1
  
  6a53797d6df4d1ac52a9526dbdc6c5f1fb371933
- SHA256
  
  b67bc1d9c7fe0672a79076e1546827e0642901cd62f7795d7a403bc3ba4a7117
- SHA512
  
  c2c57af584b6dbae53f1b392cb740fc1342490c31c3ee949e6fe7cbcb58b4390bd6d2408499594c14e3e1d1ce25564186a13f509db12ee3c8bae06f9fdca5a5a
Score

10^/10

persistence
- Suspicious use of NtCreateProcessExOtherParentProcess
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy