Overview

overview

10

Static

static

5

Full Install.exe

windows7-x64

10

Full Install.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    31d7353bec3a6d862e9fc81e4c472d052a6da0df99ad316a63fbd61c23459192

  • Size

    1.2MB

  • Sample

    220919-el2wwsbchm

  • MD5

    e3cfde31ff3875f81a4a809aa7782105

  • SHA1

    8ac6069be38976a280b86b1d10ecbac23c91adb8

  • SHA256

    31d7353bec3a6d862e9fc81e4c472d052a6da0df99ad316a63fbd61c23459192

  • SHA512

    393a8c21a6e9b1cddfbbc7fda0de99013f3eb9ce9cf27345bda419028e8f8c68ee7f3bfb8e0ec3cd3169ce5da3b04a3d7538447a94bb247a993539508a751590

  • SSDEEP

    24576:nxA93urN2RQkcA9+MLvSgkriUUNq8qt0Muo0qvXkaIJr0lgF/uS3vC:nxWg299PjSFriUUC0Mbt0b9hFT3vC

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      Full Install.exe

    • Size

      1.3MB

    • MD5

      70364fa4e186b91a1782ac29a13bb3ad

    • SHA1

      1f4c9fb938ac2d78a8a3ea091bd9395e962d5589

    • SHA256

      72592d99f4521b4cc9014bc2a361e84382de2e12610aa32ea5927a6d75228939

    • SHA512

      d2ad64ece3371d90ff140d9ed27ffcfa93bbadd9175f7b08feaefb8e4ea9203dcf23b4f98a23fb19969c03aee85f8986096e21678eb746f9b89e4156c40a23dd

    • SSDEEP

      24576:4RmJkcoQricOIQxiZY1iazQGeD9EMuoKqFX8amJ54lkrNu/3vL:9JZoQrbTFZY1iaXs9EMb1sxL3rA3vL

    Score
    10/10
    evasionpersistence

    • Modifies firewall policy service

      evasion

    • Adds policy Run key to start application

      persistence

    • Modifies Installed Components in the registry

      persistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks