svcready | 2c2c3804f3608d135f1bb91d3e98ec2ba70b891d081815182587027a4e055d3a | Triage

Submit
Reports

Overview

overview

Static

static

gruppoblue...2.docm

windows7-x64

gruppoblue...2.docm

windows10-2004-x64

Sharing

General

Target

gruppobluecity invoice 18.07.22.doc
Size

3.2MB
Sample

220718-jzd47saeg5
MD5

da6355ab636c37acd813212a2e75557b
SHA1

aa065a0c1637948fa56913c47ca263218999bcef
SHA256

2c2c3804f3608d135f1bb91d3e98ec2ba70b891d081815182587027a4e055d3a
SHA512

a06f0b20c4b37af1af29b8e856953a73bb12736b8df4beeeadfe4bc8c21b206adf4217a85eb26aa59609724e0fd9e35a7944b0bf3538396c41af73f3ec9c715d

Score

10^/10

svcready loader

Static task

static1

Behavioral task

behavioral1

Sample

gruppobluecity invoice 18.07.22.docm

Resource

win7-20220414-en

svcready loader

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

gruppobluecity invoice 18.07.22.docm

Resource

win10v2004-20220414-en

svcready loader

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  gruppobluecity invoice 18.07.22.doc
- Size
  
  3.2MB
- MD5
  
  da6355ab636c37acd813212a2e75557b
- SHA1
  
  aa065a0c1637948fa56913c47ca263218999bcef
- SHA256
  
  2c2c3804f3608d135f1bb91d3e98ec2ba70b891d081815182587027a4e055d3a
- SHA512
  
  a06f0b20c4b37af1af29b8e856953a73bb12736b8df4beeeadfe4bc8c21b206adf4217a85eb26aa59609724e0fd9e35a7944b0bf3538396c41af73f3ec9c715d
Score

10^/10

svcready loader
- Detects SVCReady loader
- SVCReady
  SVCReady is a malware loader first seen in April 2022.
  loader svcready
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy