Overview

overview

8

Static

static

fa83d8205d...7b.exe

windows7-x64

8

fa83d8205d...7b.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa83d8205d2898d5363eb0a71b38ce6c03699b158fb5e7288b1ea1bee790357b

  • Size

    138KB

  • Sample

    221123-lqpkpaca46

  • MD5

    f8d337ef98fef5067c336bcd81bb5029

  • SHA1

    3f48bf2c642a1f8654bb2f31347f7392e259a7d6

  • SHA256

    fa83d8205d2898d5363eb0a71b38ce6c03699b158fb5e7288b1ea1bee790357b

  • SHA512

    474e725065b5acdc5572086ba70ff9e1131beddbaf131cc4b665a1b674c7724f74fffbb26769b7a5cd28c3a7142679cb3cdf62b39dbb510fcb111bde95eb11fe

  • SSDEEP

    3072:KTIx50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp1r3wQGu:KTIoGtmiYlW4A1QvGXjBUQGu

Score
8/10
persistence

Malware Config

Targets

    • Target

      fa83d8205d2898d5363eb0a71b38ce6c03699b158fb5e7288b1ea1bee790357b

    • Size

      138KB

    • MD5

      f8d337ef98fef5067c336bcd81bb5029

    • SHA1

      3f48bf2c642a1f8654bb2f31347f7392e259a7d6

    • SHA256

      fa83d8205d2898d5363eb0a71b38ce6c03699b158fb5e7288b1ea1bee790357b

    • SHA512

      474e725065b5acdc5572086ba70ff9e1131beddbaf131cc4b665a1b674c7724f74fffbb26769b7a5cd28c3a7142679cb3cdf62b39dbb510fcb111bde95eb11fe

    • SSDEEP

      3072:KTIx50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp1r3wQGu:KTIoGtmiYlW4A1QvGXjBUQGu

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks