Overview

overview

10

Static

static

10

191c372af2...ed.dll

windows7_x64

1

191c372af2...ed.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    191c372af20a9affa1f9acb522cb7af2e0b3cd0d38e4a88c1c2224a75ac35ded

  • Size

    133KB

  • Sample

    220201-l3q92sdbe8

  • MD5

    1681a0a5e5fb2e887be152a474a056d3

  • SHA1

    9e941f12c1f6085a44689f7c594df66d361fd7fb

  • SHA256

    191c372af20a9affa1f9acb522cb7af2e0b3cd0d38e4a88c1c2224a75ac35ded

  • SHA512

    bddcf77ce8410acee1c5599c8a9b78830977430a82a53f9d5d81b3e3583ce4b8b1bd5af9ef078665665a8f9068defc11d38f305549bf5d694cab1b52b0e5e2bd

Score
10/10
anchordnsbackdoorpersistence

Malware Config

Targets

    • Target

      191c372af20a9affa1f9acb522cb7af2e0b3cd0d38e4a88c1c2224a75ac35ded

    • Size

      133KB

    • MD5

      1681a0a5e5fb2e887be152a474a056d3

    • SHA1

      9e941f12c1f6085a44689f7c594df66d361fd7fb

    • SHA256

      191c372af20a9affa1f9acb522cb7af2e0b3cd0d38e4a88c1c2224a75ac35ded

    • SHA512

      bddcf77ce8410acee1c5599c8a9b78830977430a82a53f9d5d81b3e3583ce4b8b1bd5af9ef078665665a8f9068defc11d38f305549bf5d694cab1b52b0e5e2bd

    Score
    10/10
    persistence

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Sets service image path in registry

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks