Overview

overview

8

Static

static

5

Comprovant...ML.exe

windows7-x64

8

Comprovant...ML.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ac5f5cbd3af833da480c3a66e6e1bc4417a97864e36b723299a0b8eb5a15f2a

  • Size

    501KB

  • Sample

    221124-n4mpcsca86

  • MD5

    75a495dee8be41b0736bfcb8d47f73a1

  • SHA1

    6a46bc4bfdaa498438f424b0830a91d5128a0ed9

  • SHA256

    8ac5f5cbd3af833da480c3a66e6e1bc4417a97864e36b723299a0b8eb5a15f2a

  • SHA512

    ef9f02ec7f0186b63a183caab0204c759535511856521339de7f900c9816a06633a96cc3058ad169f434e107f3b218b0c9970197b1afec7a393726a928ae09eb

  • SSDEEP

    12288:nP0eCr8pO87xjJV3zpEwR9Fsc11fKMggzt/n9Fxz13ee:nPQ89L3+iT11kgBlzt5

Score
8/10

Malware Config

Targets

    • Target

      Comprovante Transacional_HTML.exe

    • Size

      911KB

    • MD5

      e78a58a675ff24e3865bdbf3e313daf8

    • SHA1

      e12f7df0d31c560c276a880dd8b4cabc4154d0a3

    • SHA256

      4b37b1ed0345fa62aaf25247b5c47d5812ef522e1a215d815a8b4d0393dea899

    • SHA512

      2d398ab4fa9541cc7efe2ba3a472e7a6821cdbf9c1652d4f4148e1ed1579de19872c7ed1ab87270dcdcb8b4c0f3649d70d1d7d600082328ec58bb15fcdaec544

    • SSDEEP

      24576:R4lavt0LkLL9IMixoEgeam8gpOi1pq9MmCS:gkwkn9IMHeamf9jaPCS

    Score
    8/10

    • Executes dropped EXE

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks