Overview

overview

8

Static

static

1

55b76d229c...4b.exe

windows7-x64

8

55b76d229c...4b.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    55b76d229ca2ae94f5594050bfe8dd91f8ec8b26c0c7ae1956688494b051084b

  • Size

    206KB

  • Sample

    221124-n3s5raca53

  • MD5

    6c21d0c5867d51e82f3ece72274e21d2

  • SHA1

    a71bc1a0391d1dd6bf94aab8746a234034700b4e

  • SHA256

    55b76d229ca2ae94f5594050bfe8dd91f8ec8b26c0c7ae1956688494b051084b

  • SHA512

    2a7d8cb81937055c68a2915cda35eeeb71d7e52efcfb4feea15bcca6c7b85c8350e668da520659c0c493be68926393963604c106611600feaa3927b3550196b4

  • SSDEEP

    6144:oDpoeh0tRrQu3kHYPiVrhZN3SIqOWnbBO3Q9Y3Fqtw:E0tVhqVrDN3S7sg9Y39

Score
8/10
persistence

Malware Config

Targets

    • Target

      55b76d229ca2ae94f5594050bfe8dd91f8ec8b26c0c7ae1956688494b051084b

    • Size

      206KB

    • MD5

      6c21d0c5867d51e82f3ece72274e21d2

    • SHA1

      a71bc1a0391d1dd6bf94aab8746a234034700b4e

    • SHA256

      55b76d229ca2ae94f5594050bfe8dd91f8ec8b26c0c7ae1956688494b051084b

    • SHA512

      2a7d8cb81937055c68a2915cda35eeeb71d7e52efcfb4feea15bcca6c7b85c8350e668da520659c0c493be68926393963604c106611600feaa3927b3550196b4

    • SSDEEP

      6144:oDpoeh0tRrQu3kHYPiVrhZN3SIqOWnbBO3Q9Y3Fqtw:E0tVhqVrDN3S7sg9Y39

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks