Overview

overview

8

Static

static

936492d66e...0c.exe

windows7-x64

8

936492d66e...0c.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    936492d66e50d3968be242ead680f1c875df9887e936863db32766d523e9090c

  • Size

    270KB

  • Sample

    221123-m9ckxagb65

  • MD5

    b3a76e5fbec66b688634bf9fcfc772b8

  • SHA1

    f20b911329c0b2598622125026b36ac26192f351

  • SHA256

    936492d66e50d3968be242ead680f1c875df9887e936863db32766d523e9090c

  • SHA512

    a05e16c0e1ebebeefcbf12ffe636851b52fa4edc3c87d71d4366435f86b440954709a0add0d50dede17e1e6329b88290ca5b3e06f16769ba309dae88183b9033

  • SSDEEP

    6144:TtjpoIzqvoArlO+Bei92/pWTxq/fnx7GDrRcJIcxyCq0hzfb:Bcvo8LVq/PERcHxywb

Score
8/10
persistence

Malware Config

Targets

    • Target

      936492d66e50d3968be242ead680f1c875df9887e936863db32766d523e9090c

    • Size

      270KB

    • MD5

      b3a76e5fbec66b688634bf9fcfc772b8

    • SHA1

      f20b911329c0b2598622125026b36ac26192f351

    • SHA256

      936492d66e50d3968be242ead680f1c875df9887e936863db32766d523e9090c

    • SHA512

      a05e16c0e1ebebeefcbf12ffe636851b52fa4edc3c87d71d4366435f86b440954709a0add0d50dede17e1e6329b88290ca5b3e06f16769ba309dae88183b9033

    • SSDEEP

      6144:TtjpoIzqvoArlO+Bei92/pWTxq/fnx7GDrRcJIcxyCq0hzfb:Bcvo8LVq/PERcHxywb

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks