Overview

overview

10

Static

static

d912062967...78.exe

windows7_x64

10

d912062967...78.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d9120629675b34e1a33b9bd34fadd0249ce1a903d510045565c31769e4881e78

  • Size

    2.4MB

  • Sample

    220306-hmq3kabhhn

  • MD5

    469c0460e4c1fefd01db4ae9f79c53c7

  • SHA1

    975e5ac0f82b26eb4df8c718207c61dd8afee9ff

  • SHA256

    d9120629675b34e1a33b9bd34fadd0249ce1a903d510045565c31769e4881e78

  • SHA512

    d7a109e33abd2f6383c50b973db5c252f5c6e0b0c079ba1b5ccd3281e4e73b43422236149d8cdf76842f4c4ccabc07a34bc23c46c2f01715afb29436464af0ec

Score
10/10
strongpitypersistencespywarestealer

Malware Config

Targets

    • Target

      d9120629675b34e1a33b9bd34fadd0249ce1a903d510045565c31769e4881e78

    • Size

      2.4MB

    • MD5

      469c0460e4c1fefd01db4ae9f79c53c7

    • SHA1

      975e5ac0f82b26eb4df8c718207c61dd8afee9ff

    • SHA256

      d9120629675b34e1a33b9bd34fadd0249ce1a903d510045565c31769e4881e78

    • SHA512

      d7a109e33abd2f6383c50b973db5c252f5c6e0b0c079ba1b5ccd3281e4e73b43422236149d8cdf76842f4c4ccabc07a34bc23c46c2f01715afb29436464af0ec

    Score
    10/10
    strongpitypersistencespywarestealer

    • StrongPity

      StrongPity is a spyware developed by PROMETHIUM APT group mainly used in government sponsored attacks.

      stealerspywarestrongpity

    • StrongPity Spyware

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks