Overview

overview

8

Static

static

f66eb73df3...d0.exe

windows7-x64

8

f66eb73df3...d0.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    f66eb73df3cd0229cc1dd1ddb8dab304f40c353c7e0b0cfeb87c30cf247c00d0

  • Size

    297KB

  • Sample

    221030-xrchasegf8

  • MD5

    8314d07af946d4ba26cc7d78c4060250

  • SHA1

    9587793d8298b2f68741adb54ff26094decba006

  • SHA256

    f66eb73df3cd0229cc1dd1ddb8dab304f40c353c7e0b0cfeb87c30cf247c00d0

  • SHA512

    352e89ff576091c2a111ceadce0a5fd499118ee5589866fd49b881c93ec887493d0d4b633ffc88b7bd73218928fcdcaf99c70e29a11ee7c3a9af4b8a39c3dd83

  • SSDEEP

    3072:ypx9OyYbAhhCIIY5UYFmyhL4HqqbqBX68fhgVSqqIVhKmg1DAXq33gdbw536cWP8:yLAyVhhGHuL4KTBXv1HmaA4+Moc+wP

Score
8/10
persistence

Malware Config

Targets

    • Target

      f66eb73df3cd0229cc1dd1ddb8dab304f40c353c7e0b0cfeb87c30cf247c00d0

    • Size

      297KB

    • MD5

      8314d07af946d4ba26cc7d78c4060250

    • SHA1

      9587793d8298b2f68741adb54ff26094decba006

    • SHA256

      f66eb73df3cd0229cc1dd1ddb8dab304f40c353c7e0b0cfeb87c30cf247c00d0

    • SHA512

      352e89ff576091c2a111ceadce0a5fd499118ee5589866fd49b881c93ec887493d0d4b633ffc88b7bd73218928fcdcaf99c70e29a11ee7c3a9af4b8a39c3dd83

    • SSDEEP

      3072:ypx9OyYbAhhCIIY5UYFmyhL4HqqbqBX68fhgVSqqIVhKmg1DAXq33gdbw536cWP8:yLAyVhhGHuL4KTBXv1HmaA4+Moc+wP

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks