Overview

overview

8

Static

static

26f8ac295a...49.exe

windows7-x64

8

26f8ac295a...49.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    26f8ac295a2947028e47839e346ccf0926dcd28b7f500009f385a18c6ebf8749

  • Size

    182KB

  • Sample

    221123-s5vhtagb6v

  • MD5

    366d1773468b870f7c6107efb0e9aa70

  • SHA1

    4a8ad564be4460824e5e6048246213d40161c394

  • SHA256

    26f8ac295a2947028e47839e346ccf0926dcd28b7f500009f385a18c6ebf8749

  • SHA512

    1a142a296d267ff2931ffe1709a9bc9890ced9ce105e22eb8650e154ecd32fb45294d871667c1e27a2d5813ef853fb9f606225431c59196b8b75a798fe9d4f1f

  • SSDEEP

    3072:g96kfLhHSdldQEcRIPOBU4OkvDxutbY1ufFCqZ9rcbCE0M4HJ29Yv:g96kfLVSl3cKJ4OkbcbkwCqZ9rfM4Hz

Score
8/10
persistence

Malware Config

Targets

    • Target

      26f8ac295a2947028e47839e346ccf0926dcd28b7f500009f385a18c6ebf8749

    • Size

      182KB

    • MD5

      366d1773468b870f7c6107efb0e9aa70

    • SHA1

      4a8ad564be4460824e5e6048246213d40161c394

    • SHA256

      26f8ac295a2947028e47839e346ccf0926dcd28b7f500009f385a18c6ebf8749

    • SHA512

      1a142a296d267ff2931ffe1709a9bc9890ced9ce105e22eb8650e154ecd32fb45294d871667c1e27a2d5813ef853fb9f606225431c59196b8b75a798fe9d4f1f

    • SSDEEP

      3072:g96kfLhHSdldQEcRIPOBU4OkvDxutbY1ufFCqZ9rcbCE0M4HJ29Yv:g96kfLVSl3cKJ4OkbcbkwCqZ9rfM4Hz

    Score
    8/10
    persistence

    • Blocklisted process makes network request

    • Sets DLL path for service in the registry

      persistence

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks