Overview

overview

8

Static

static

d7b9385cd0...7e.exe

windows7-x64

8

d7b9385cd0...7e.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d7b9385cd06fe9320dade0ce3ae6d31cc748d61aaea5b71c3534d07ee1d3087e

  • Size

    442KB

  • Sample

    221124-e2vshsha98

  • MD5

    698ae325c1ea96b365a5dfed5e747856

  • SHA1

    45182cf082818fa3bec5c587ce346ba297dfdb76

  • SHA256

    d7b9385cd06fe9320dade0ce3ae6d31cc748d61aaea5b71c3534d07ee1d3087e

  • SHA512

    43ed818f7ab21e0d935592202b5e0e352afdd264f419aa55af2974d512ea9f5db106d2547b835f08235af2dd265cd9384605363c3691d9447a3b34830a704cf2

  • SSDEEP

    12288:zNjaSdaJquKjXoCiM5ECSeR1RR9LzSCpBswx3i1cq5:zNjaTJquKcG5ENEzR9K8xx3+c

Score
8/10
persistence

Malware Config

Targets

    • Target

      d7b9385cd06fe9320dade0ce3ae6d31cc748d61aaea5b71c3534d07ee1d3087e

    • Size

      442KB

    • MD5

      698ae325c1ea96b365a5dfed5e747856

    • SHA1

      45182cf082818fa3bec5c587ce346ba297dfdb76

    • SHA256

      d7b9385cd06fe9320dade0ce3ae6d31cc748d61aaea5b71c3534d07ee1d3087e

    • SHA512

      43ed818f7ab21e0d935592202b5e0e352afdd264f419aa55af2974d512ea9f5db106d2547b835f08235af2dd265cd9384605363c3691d9447a3b34830a704cf2

    • SSDEEP

      12288:zNjaSdaJquKjXoCiM5ECSeR1RR9LzSCpBswx3i1cq5:zNjaTJquKcG5ENEzR9K8xx3+c

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks