General

  • Target

    613e5cae13064cfe7c5a21d5698b18b5184cbf586a1826ab8457f694310ccb48

  • Size

    923KB

  • Sample

    221019-rsgwhsbfe8

  • MD5

    9196a1445ad984c1b1b38b8ed52c3940

  • SHA1

    aa261424294874cc761770e64829b15c3e72d1bb

  • SHA256

    613e5cae13064cfe7c5a21d5698b18b5184cbf586a1826ab8457f694310ccb48

  • SHA512

    e34574cd61f8e244eabd1ebe93b602f278a6ce09643fa9811abd66a8753c0419bace3b00a6ab0a23d0295527faa47135358c232a4917cb47ae66ac6f2451038a

  • SSDEEP

    24576:WRmJkcoQricOIQxiZY1iarii4S7zNOqZ4BirV:zJZoQrbTFZY1iarii4S7f4gh

Score
8/10

Targets

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext
