d3371af2067d4ab057a9ddd352f439dfbe19d11e8012a8a7586d7402be33fc39 | Triage

Submit
Reports

Overview

overview

8

Static

static

client-build.exe

windows7-x64

8

client-build.exe

windows10-2004-x64

8

Sharing

General

Target

client-build.bin
Size

138KB
Sample

220717-wyqstsfegm
MD5

558f1f82efa9cc7032efd92fb02efb61
SHA1

536ca94d8242ca78a91696ad736b7f586155cbd2
SHA256

d3371af2067d4ab057a9ddd352f439dfbe19d11e8012a8a7586d7402be33fc39
SHA512

4454facdaa545884a9d6d0213e9760506e22b453f7585e4ce2e6b38b3b9de121bb19d6673618efaa59660d3ae0a2f73a892ff72e96dcf465149f2d2f9799b680

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

client-build.exe

Resource

win7-20220414-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

client-build.exe

Resource

win10v2004-20220414-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  client-build.bin
- Size
  
  138KB
- MD5
  
  558f1f82efa9cc7032efd92fb02efb61
- SHA1
  
  536ca94d8242ca78a91696ad736b7f586155cbd2
- SHA256
  
  d3371af2067d4ab057a9ddd352f439dfbe19d11e8012a8a7586d7402be33fc39
- SHA512
  
  4454facdaa545884a9d6d0213e9760506e22b453f7585e4ce2e6b38b3b9de121bb19d6673618efaa59660d3ae0a2f73a892ff72e96dcf465149f2d2f9799b680
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy