Overview

overview

10

Static

static

1d867553f9...d7.exe

windows7-x64

10

1d867553f9...d7.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1d867553f99629158cb05454817c86435230eeec433dc98ad74db8ab850b8cd7

  • Size

    169KB

  • Sample

    221123-k3a3dsdd51

  • MD5

    c9078f2549892fde6d8fca8c314f9684

  • SHA1

    d2f210d3b19860b02acd6e478229627f5f30bb74

  • SHA256

    1d867553f99629158cb05454817c86435230eeec433dc98ad74db8ab850b8cd7

  • SHA512

    616eb9d50870ffc9f936b787f4c07c96c07771bc3fb4d70046e5fde0cb1a09c52ea46e50360292a919553e921f45667f13130c6bc8a15632eea238822ee142eb

  • SSDEEP

    3072:2XCiLk7ndEFIp8d94jVS1CzyymLS1uhDeQ73njJx96sKBoy+6FvktHHxyyVg3:24YI09oS1C+yykQriuxyV

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      1d867553f99629158cb05454817c86435230eeec433dc98ad74db8ab850b8cd7

    • Size

      169KB

    • MD5

      c9078f2549892fde6d8fca8c314f9684

    • SHA1

      d2f210d3b19860b02acd6e478229627f5f30bb74

    • SHA256

      1d867553f99629158cb05454817c86435230eeec433dc98ad74db8ab850b8cd7

    • SHA512

      616eb9d50870ffc9f936b787f4c07c96c07771bc3fb4d70046e5fde0cb1a09c52ea46e50360292a919553e921f45667f13130c6bc8a15632eea238822ee142eb

    • SSDEEP

      3072:2XCiLk7ndEFIp8d94jVS1CzyymLS1uhDeQ73njJx96sKBoy+6FvktHHxyyVg3:24YI09oS1C+yykQriuxyV

    Score
    10/10
    evasionpersistencetrojan

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • UAC bypass

      evasiontrojan

    • Adds policy Run key to start application

      persistence

    • Blocklisted process makes network request

    • Disables taskbar notifications via registry modification

      evasion

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks