Overview

overview

10

Static

static

7

f405ef4a34...2c.exe

windows7_x64

1

f405ef4a34...2c.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f405ef4a34ab97ef7fbf4c5cb4d500cf31d40cb044e05644f164551b1163ce2c

  • Size

    3.5MB

  • Sample

    220215-fdm87sahb5

  • MD5

    df6044c35d8227731004a623028993c1

  • SHA1

    d8f69ede23cb08e6df1b00f2fb63eee01b5cd33b

  • SHA256

    f405ef4a34ab97ef7fbf4c5cb4d500cf31d40cb044e05644f164551b1163ce2c

  • SHA512

    bba837a9086aadae0d3163f3916f7c0e2d165e7d7a42f8017ff535e01824425c69f2109a340b72a0a5d20665dfa71a948560ec1b5f5fafce3fc8f80b484a4f6d

Score
10/10
themida

Malware Config

Targets

    • Target

      f405ef4a34ab97ef7fbf4c5cb4d500cf31d40cb044e05644f164551b1163ce2c

    • Size

      3.5MB

    • MD5

      df6044c35d8227731004a623028993c1

    • SHA1

      d8f69ede23cb08e6df1b00f2fb63eee01b5cd33b

    • SHA256

      f405ef4a34ab97ef7fbf4c5cb4d500cf31d40cb044e05644f164551b1163ce2c

    • SHA512

      bba837a9086aadae0d3163f3916f7c0e2d165e7d7a42f8017ff535e01824425c69f2109a340b72a0a5d20665dfa71a948560ec1b5f5fafce3fc8f80b484a4f6d

    Score
    10/10

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks