Overview

overview

10

Static

static

a62f894c60...7b.exe

windows7-x64

10

a62f894c60...7b.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a62f894c601a4e481f9ee1a1d0625f5d7e4b6065a5756155c95007ee8c72207b

  • Size

    150KB

  • Sample

    221123-qq5n5ahf4t

  • MD5

    c98897c52c2c82705d4f73f44c733dec

  • SHA1

    daeac16902ea002c8c76d32d8db1cddc159f9426

  • SHA256

    a62f894c601a4e481f9ee1a1d0625f5d7e4b6065a5756155c95007ee8c72207b

  • SHA512

    40e4f3e2ff4473bf3f9722917e82d5177f59dcd94f7922dbb662ab9355f0dbe8443dbd8bdb4462fd156742dd0271b69120c381b3e4cc8046e1f5131f4b980a2e

  • SSDEEP

    3072:m4nOeNclhWePioq9I/aMDy4LmRby5XxNfeXLZbpV:RJAhrioq9IRDyMxkXd

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      a62f894c601a4e481f9ee1a1d0625f5d7e4b6065a5756155c95007ee8c72207b

    • Size

      150KB

    • MD5

      c98897c52c2c82705d4f73f44c733dec

    • SHA1

      daeac16902ea002c8c76d32d8db1cddc159f9426

    • SHA256

      a62f894c601a4e481f9ee1a1d0625f5d7e4b6065a5756155c95007ee8c72207b

    • SHA512

      40e4f3e2ff4473bf3f9722917e82d5177f59dcd94f7922dbb662ab9355f0dbe8443dbd8bdb4462fd156742dd0271b69120c381b3e4cc8046e1f5131f4b980a2e

    • SSDEEP

      3072:m4nOeNclhWePioq9I/aMDy4LmRby5XxNfeXLZbpV:RJAhrioq9IRDyMxkXd

    Score
    10/10
    evasionpersistencetrojan

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • UAC bypass

      evasiontrojan

    • Adds policy Run key to start application

      persistence

    • Blocklisted process makes network request

    • Disables taskbar notifications via registry modification

      evasion

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks