Overview

overview

8

Static

static

6155349550...aa.exe

windows7-x64

8

6155349550...aa.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    61553495507bc4dfa2dfc44ecb01351f98893085a209a1f834c9ae80a29745aa

  • Size

    329KB

  • Sample

    221123-lq8cssfe2t

  • MD5

    cb0b8c27a0a6ee62b87cc27294ac3b74

  • SHA1

    171e180505476e4b309c4314f596f6903ee845c3

  • SHA256

    61553495507bc4dfa2dfc44ecb01351f98893085a209a1f834c9ae80a29745aa

  • SHA512

    e0ee2c150c1d90155dc9d7d27ce53db56bff578966bec7fa626b66d1c502766dff695181a29097f6bfd092d460e0a9ae8f4e6ce4903b01829ed46087f0cc380f

  • SSDEEP

    6144:BtEV7FUg+iyUXe2ZsD9eBVtQRlc12iVkIFzA9TLSDoC3FHvKHM4n4:BaVFQiym920jcc1f9U9XS335vHN

Score
8/10
persistence

Malware Config

Targets

    • Target

      61553495507bc4dfa2dfc44ecb01351f98893085a209a1f834c9ae80a29745aa

    • Size

      329KB

    • MD5

      cb0b8c27a0a6ee62b87cc27294ac3b74

    • SHA1

      171e180505476e4b309c4314f596f6903ee845c3

    • SHA256

      61553495507bc4dfa2dfc44ecb01351f98893085a209a1f834c9ae80a29745aa

    • SHA512

      e0ee2c150c1d90155dc9d7d27ce53db56bff578966bec7fa626b66d1c502766dff695181a29097f6bfd092d460e0a9ae8f4e6ce4903b01829ed46087f0cc380f

    • SSDEEP

      6144:BtEV7FUg+iyUXe2ZsD9eBVtQRlc12iVkIFzA9TLSDoC3FHvKHM4n4:BaVFQiym920jcc1f9U9XS335vHN

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks