Overview

overview

8

Static

static

9235f3cb1a...93.exe

windows7-x64

8

9235f3cb1a...93.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9235f3cb1a73b53e265fdb488c05e6ff2c74b7fed21732cfc7da36fd60a75a93

  • Size

    356KB

  • Sample

    221124-14a2sace29

  • MD5

    74e3ff0c5c8197632150eeec60cd7b31

  • SHA1

    1f97492ee077619f12edd691d3da6cc664b9e8b5

  • SHA256

    9235f3cb1a73b53e265fdb488c05e6ff2c74b7fed21732cfc7da36fd60a75a93

  • SHA512

    e36766c2a2472543b5a842936dfa699d5ef2ea2cdd531e617dde159e9b7ff7cff5056e351c547d44fe95555e7d9f75e7b88be9260072c2aba889270360fb3c91

  • SSDEEP

    6144:b0hjEofEPGFtb33s/BeS2l1e/B6p3GcxYsqd0wPPqDWESkmJQwIqX0ufO:b6jxfEuF53s/K1eE3Fx8hhG

Score
8/10
persistence

Malware Config

Targets

    • Target

      9235f3cb1a73b53e265fdb488c05e6ff2c74b7fed21732cfc7da36fd60a75a93

    • Size

      356KB

    • MD5

      74e3ff0c5c8197632150eeec60cd7b31

    • SHA1

      1f97492ee077619f12edd691d3da6cc664b9e8b5

    • SHA256

      9235f3cb1a73b53e265fdb488c05e6ff2c74b7fed21732cfc7da36fd60a75a93

    • SHA512

      e36766c2a2472543b5a842936dfa699d5ef2ea2cdd531e617dde159e9b7ff7cff5056e351c547d44fe95555e7d9f75e7b88be9260072c2aba889270360fb3c91

    • SSDEEP

      6144:b0hjEofEPGFtb33s/BeS2l1e/B6p3GcxYsqd0wPPqDWESkmJQwIqX0ufO:b6jxfEuF53s/K1eE3Fx8hhG

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks