Overview

overview

8

Static

static

5

432a3c22d2...21.exe

windows7-x64

8

432a3c22d2...21.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    432a3c22d2235e7fe453ec76e20daa6d5e8bd308d56074b275f484a4e3a0bb21.zip

  • Size

    526KB

  • Sample

    221123-st63gacc42

  • MD5

    83a3408d5f59ffe939dfc1d2867a79bf

  • SHA1

    5b47387a132c170217c479bb1ce1917c743b1eea

  • SHA256

    c2d6318bf563fb7a9251bddafce0688e2ef30af6888d6a9de665a747ac80b50d

  • SHA512

    708eb8865326289caf3cd01f36f8453c75494033f1ef60d542bd623d5831f77507132b09a8c350be078f7bdfc78df3442f7b6f4dc713bb6fa7e28197dee69926

  • SSDEEP

    12288:ZgaxYbsM9kuvgHmnI7qleCR6j6VhdStWgypaURwHiGGxe4TJx4CNxL:ZVWbvngnCR6j6FxpaU6CGGME/Bb

Score
8/10
persistence

Malware Config

Targets

    • Target

      432a3c22d2235e7fe453ec76e20daa6d5e8bd308d56074b275f484a4e3a0bb21

    • Size

      816KB

    • MD5

      339e0a490454d88c80abb342555170a6

    • SHA1

      0620e7238d02ff5407e2786c1d9d0dc0e36af098

    • SHA256

      432a3c22d2235e7fe453ec76e20daa6d5e8bd308d56074b275f484a4e3a0bb21

    • SHA512

      a1f7c281cd920c52897908e741da15ff9675b0c2460ac4078bd9b4a44c30abe7afe375aa33aa41fcadfdb699529c3dbc65ffaa1c6f300efe3af704891205e1a1

    • SSDEEP

      24576:uRmJkcoQricOIQxiZY1iaC4GP2fZqoVqD3:7JZoQrbTFZY1iaC4FfZLc

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks