Overview

overview

8

Static

static

d2501f9f10...e2.exe

windows7-x64

8

d2501f9f10...e2.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d2501f9f10dfb0405ef83d04f238635706f004495d58e5fc23356f8c2d3e49e2

  • Size

    304KB

  • Sample

    221124-e26j1shb37

  • MD5

    c30ccdcf9d08cb32f21f30138aee4bf4

  • SHA1

    16ccef637353eef88da6b476fd6edb8d7c08531c

  • SHA256

    d2501f9f10dfb0405ef83d04f238635706f004495d58e5fc23356f8c2d3e49e2

  • SHA512

    474a498027e3b7ec79d817020ea90662945cbb553913de3eec89226f51e324be682e6c0abfd14a9422cc9e8625d529b4025b183c7a17553617cf66bdc1fff18d

  • SSDEEP

    6144:ihnqsd6VLR98xm7BtzilD3PZI7u+3tqd1w2dBMSXW:iRqdNx7KlEdgw9D

Score
8/10
persistence

Malware Config

Targets

    • Target

      d2501f9f10dfb0405ef83d04f238635706f004495d58e5fc23356f8c2d3e49e2

    • Size

      304KB

    • MD5

      c30ccdcf9d08cb32f21f30138aee4bf4

    • SHA1

      16ccef637353eef88da6b476fd6edb8d7c08531c

    • SHA256

      d2501f9f10dfb0405ef83d04f238635706f004495d58e5fc23356f8c2d3e49e2

    • SHA512

      474a498027e3b7ec79d817020ea90662945cbb553913de3eec89226f51e324be682e6c0abfd14a9422cc9e8625d529b4025b183c7a17553617cf66bdc1fff18d

    • SSDEEP

      6144:ihnqsd6VLR98xm7BtzilD3PZI7u+3tqd1w2dBMSXW:iRqdNx7KlEdgw9D

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks