Overview

overview

10

Static

static

10

c62217c3d7...8c.dll

windows7_x64

1

c62217c3d7...8c.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c62217c3d731798ffd5eeabf66cd214ba2ab7ebc1d4074ebc757928623deb18c

  • Size

    6KB

  • Sample

    220201-pwj4yafbe2

  • MD5

    f2ba03482cd57eef76f80554374f8a5c

  • SHA1

    417560cea970e841fa0d83db73f2e894fa4d261c

  • SHA256

    c62217c3d731798ffd5eeabf66cd214ba2ab7ebc1d4074ebc757928623deb18c

  • SHA512

    925a08250e459adbcdf7e4753bfcae44ee03be04f3d6da698e2c3c18f6777dafa5229307f1fb7acf2428576c36ac64fbba2a9e7686f8e3822219ad0932eaa974

Score
10/10
nloaderpersistence

Malware Config

Targets

    • Target

      c62217c3d731798ffd5eeabf66cd214ba2ab7ebc1d4074ebc757928623deb18c

    • Size

      6KB

    • MD5

      f2ba03482cd57eef76f80554374f8a5c

    • SHA1

      417560cea970e841fa0d83db73f2e894fa4d261c

    • SHA256

      c62217c3d731798ffd5eeabf66cd214ba2ab7ebc1d4074ebc757928623deb18c

    • SHA512

      925a08250e459adbcdf7e4753bfcae44ee03be04f3d6da698e2c3c18f6777dafa5229307f1fb7acf2428576c36ac64fbba2a9e7686f8e3822219ad0932eaa974

    Score
    10/10
    persistence

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Sets service image path in registry

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks