Overview

overview

7

Static

static

1

proforma.exe

windows7-x64

7

proforma.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7F761F04FC0644F4C96A7679B04BD1DC32783E610F70EFD1819D4008BFFDEBC4

  • Size

    297KB

  • Sample

    221123-r1wdwaaa64

  • MD5

    93f859dcb3b0022ed8dba754694b9466

  • SHA1

    b0fdf5fdd7faa035aa3d5fe68f2576f4c22f2e14

  • SHA256

    7f761f04fc0644f4c96a7679b04bd1dc32783e610f70efd1819d4008bffdebc4

  • SHA512

    3e014fd758afb00168fe7fe07f2509af156ab430d8f32adef6fa0aa09091da3e53c5bdfb0ba7cddc381effb273ca8f7f179c4681d9165a4d6aa66c63bf2adf42

  • SSDEEP

    6144:wI/moktFoORNdx4crn4rXQvEEwq2JQDKChDNScTH1i5mBsTLaU9g0+M:w7okt3NdxB6XQcE52cdNScTVfIaUuvM

Score
7/10
discovery

Malware Config

Targets

    • Target

      proforma.exe

    • Size

      315KB

    • MD5

      6afc17303414964fc1d612adef16b0c0

    • SHA1

      6963b50ab1dc8608265a93e3c8b27ae9e3e91300

    • SHA256

      404afebfb91d4ddcfa1b8c82d62f75bf7d864d2d1f1683bd9beed457cba6cd33

    • SHA512

      15760e8ad3809120b3dd399ef2c662d8a67f98509dbb3afeb1800fd8c8b3a88f107813b2fc8d3eb6aba57b4aac1316de56dd949978f9406df7b742d0bba7d975

    • SSDEEP

      6144:bC2zKfqLODPDIh3JUk0aaA5LJfMbmaAuE6L680vhNYLBE:HKUODch5Uk0DAJfMXauB0vPoK

    Score
    7/10
    discovery

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks