Overview

overview

7

Static

static

3

client.exe

windows7-x64

7

client.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    client.exe

  • Size

    21.4MB

  • Sample

    220928-vbtqjageh9

  • MD5

    26594126c6f9ddc82e14fd2fbe426482

  • SHA1

    b019ba161beaea161656607b26cd8f5de40206ae

  • SHA256

    2a75ced50c959f193aa6b8026bbada6cfe70da5ce97f51af2f783116e49f7197

  • SHA512

    1d69d1398d46e6f096c20683b5eb709d9af6935b1cfe53aae2c31aacfb4f4ec9fcb501631f4ea132d32a7c62741badd88826497b81d3fc3c5071e9065d88bbaf

  • SSDEEP

    393216:MEFXEYP3IfWJe+o7CEDza2Qs5gqTlh2pP1J83a10DUsP7zr7/iZkK:MeXEYP3IfWIt7CEDOEQpPjEajqH/s

Score
7/10
pyinstaller

Malware Config

Targets

    • Target

      client.exe

    • Size

      21.4MB

    • MD5

      26594126c6f9ddc82e14fd2fbe426482

    • SHA1

      b019ba161beaea161656607b26cd8f5de40206ae

    • SHA256

      2a75ced50c959f193aa6b8026bbada6cfe70da5ce97f51af2f783116e49f7197

    • SHA512

      1d69d1398d46e6f096c20683b5eb709d9af6935b1cfe53aae2c31aacfb4f4ec9fcb501631f4ea132d32a7c62741badd88826497b81d3fc3c5071e9065d88bbaf

    • SSDEEP

      393216:MEFXEYP3IfWJe+o7CEDza2Qs5gqTlh2pP1J83a10DUsP7zr7/iZkK:MeXEYP3IfWIt7CEDOEQpPjEajqH/s

    Score
    7/10

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks