Overview

overview

8

Static

static

864d8a6d53...e5.exe

windows7-x64

8

864d8a6d53...e5.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    864d8a6d5318eea7dc89ec864013fd33ee4d9f8d45f4bac2cade829362cc43e5

  • Size

    124KB

  • Sample

    221123-q3c5msae7y

  • MD5

    271a265825af40f9ccd5243a1e4fe275

  • SHA1

    9394e716634dceeb654423cd95a9c9716725f0ac

  • SHA256

    864d8a6d5318eea7dc89ec864013fd33ee4d9f8d45f4bac2cade829362cc43e5

  • SHA512

    ac1997d299ef7b2c6720b824392239f57b9d6d744197deccdb850926d39460f4ff879a38a99b5a3496a26cf0fbdc8e901ba0ea81996a0b20685a115bd226de96

  • SSDEEP

    3072:8cEE9t/0FZ3N68DfKrCAhh1m5fBC2dCiuN/:cFZ3N68DfUPt23G/

Score
8/10
persistence

Malware Config

Targets

    • Target

      864d8a6d5318eea7dc89ec864013fd33ee4d9f8d45f4bac2cade829362cc43e5

    • Size

      124KB

    • MD5

      271a265825af40f9ccd5243a1e4fe275

    • SHA1

      9394e716634dceeb654423cd95a9c9716725f0ac

    • SHA256

      864d8a6d5318eea7dc89ec864013fd33ee4d9f8d45f4bac2cade829362cc43e5

    • SHA512

      ac1997d299ef7b2c6720b824392239f57b9d6d744197deccdb850926d39460f4ff879a38a99b5a3496a26cf0fbdc8e901ba0ea81996a0b20685a115bd226de96

    • SSDEEP

      3072:8cEE9t/0FZ3N68DfKrCAhh1m5fBC2dCiuN/:cFZ3N68DfUPt23G/

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks