Overview

overview

8

Static

static

283d13bed1...3c.exe

windows7-x64

8

283d13bed1...3c.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    283d13bed1144e840de187c197bdcbdbfcc8b2409dd9bec5bababb8801804c3c

  • Size

    506KB

  • Sample

    221123-lz9xzsgb4v

  • MD5

    372656a7afe1d76f989611d3af60968f

  • SHA1

    479ba87ea89e90441e9f52a7fa153a4f655eb01e

  • SHA256

    283d13bed1144e840de187c197bdcbdbfcc8b2409dd9bec5bababb8801804c3c

  • SHA512

    add8752831831aa0b54f58929999f1f2b114807344af921df4a1922a7b3d91965a4dfeed0b185fc3967d536e085e86e4dc9261338eed9a612ffd97dd75c7615c

  • SSDEEP

    6144:FuLziM8pQnuuudy/TuuuZqcoxBIU9CdGKuuue+dVJwiVrHtfkK5PHxE1pz7nAWEt:FuniMIyCRcB5CdGqyvaK5PGqWzu7

Score
8/10
persistence

Malware Config

Targets

    • Target

      283d13bed1144e840de187c197bdcbdbfcc8b2409dd9bec5bababb8801804c3c

    • Size

      506KB

    • MD5

      372656a7afe1d76f989611d3af60968f

    • SHA1

      479ba87ea89e90441e9f52a7fa153a4f655eb01e

    • SHA256

      283d13bed1144e840de187c197bdcbdbfcc8b2409dd9bec5bababb8801804c3c

    • SHA512

      add8752831831aa0b54f58929999f1f2b114807344af921df4a1922a7b3d91965a4dfeed0b185fc3967d536e085e86e4dc9261338eed9a612ffd97dd75c7615c

    • SSDEEP

      6144:FuLziM8pQnuuudy/TuuuZqcoxBIU9CdGKuuue+dVJwiVrHtfkK5PHxE1pz7nAWEt:FuniMIyCRcB5CdGqyvaK5PGqWzu7

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks