Resubmissions

27-10-2022 16:10

221027-tmnszscfh6 10

13-04-2022 09:32

220413-lhmfcsahbk 8

General

  • Target

    IconCacheService.dll

  • Size

    248KB

  • Sample

    221027-tmnszscfh6

  • MD5

    e031c9984f65a9060ec1e70fbb84746b

  • SHA1

    b01950ed9b1929fee04a9c23ac49e3de89e37228

  • SHA256

    95bbd494cecc25a422fa35912ec2365f3200d5a18ea4bfad5566432eb0834f9f

  • SHA512

    5dd1f004516b9fc0f0c36bca22dafaed9103191ebeea291e8d6f32f9b01b77fb18a0c4c5d04bd760a38651380a3680ede8b07f3d522f710b3df228ac8d934a2b

  • SSDEEP

    6144:Gv77pPt5CRJRYHdhtxESU6FmixSG8aKUBYA/D1Q:GvX5C/qdhMZpG8a2A5Q

Score
10/10

Malware Config

Targets

    • Target

      IconCacheService.dll


    Score
    8/10
    • Blocklisted process makes network request

    • Adds Run key to start application

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Registry Run Keys / Startup Folder (T1060): 1

Defense Evasion

  • Modify Registry (T1112): 2

  • Install Root Certificate (T1130): 1