Overview

overview

10

Static

static

95202fe133...81.exe

windows7_x64

3

95202fe133...81.exe

windows10-2004_x64

10

Resubmissions

13-02-2022 03:51

220213-eetlyafdbq 10

01-02-2022 14:04

220201-rdsdpsfder 10

30-01-2022 23:37

220130-3l5jsacben 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    95202fe13309a9b1651766298c833b21494a92f0b210fc6469d79d3fa444db81.bin

  • Size

    397KB

  • Sample

    220201-rdsdpsfder

  • MD5

    060d27d25844b408e0d5d6d42684b669

  • SHA1

    5105db84660209f5481880e09145536254c6995b

  • SHA256

    95202fe13309a9b1651766298c833b21494a92f0b210fc6469d79d3fa444db81

  • SHA512

    1bbd305e1e003390f9b74b553d30650e8580a5c642b403584b67993d243d6676448ccfb3db31d1c2e62852dd21ceb16e1087bc25d5c19593e03b50281728c5b0

Score
10/10
persistence

Malware Config

Targets

    • Target

      95202fe13309a9b1651766298c833b21494a92f0b210fc6469d79d3fa444db81.bin

    • Size

      397KB

    • MD5

      060d27d25844b408e0d5d6d42684b669

    • SHA1

      5105db84660209f5481880e09145536254c6995b

    • SHA256

      95202fe13309a9b1651766298c833b21494a92f0b210fc6469d79d3fa444db81

    • SHA512

      1bbd305e1e003390f9b74b553d30650e8580a5c642b403584b67993d243d6676448ccfb3db31d1c2e62852dd21ceb16e1087bc25d5c19593e03b50281728c5b0

    Score
    10/10
    persistence

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Sets service image path in registry

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks