Overview

overview

8

Static

static

8a46a011d7...5f.exe

windows7-x64

8

8a46a011d7...5f.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8a46a011d7827831f39607087c7d21c7525f237794f67ec9e7fb86467199cc5f

  • Size

    750KB

  • Sample

    221124-p2mr1seb96

  • MD5

    da15c1fe1c9a2d3efe9e7b53897f8eac

  • SHA1

    b8ab3f56ef4f1b61ce6a2edd350fa28f8666fc05

  • SHA256

    8a46a011d7827831f39607087c7d21c7525f237794f67ec9e7fb86467199cc5f

  • SHA512

    9029186c5a00dfefd02429170fbd33b0fb7db9956d4748fbb504cf36b153ac35023a461e88500e7e217b4773d20076873b42d6e0ec32ae666c69189e7a4edb73

  • SSDEEP

    12288:6Rem0ZUxj7xBGTfdODeE0TjNRwiQwj7xBGTfdODeE0TjNRwiQy:2+Uh7GTVotCj3wiQU7GTVotCj3wiQy

Score
8/10
persistence

Malware Config

Targets

    • Target

      8a46a011d7827831f39607087c7d21c7525f237794f67ec9e7fb86467199cc5f

    • Size

      750KB

    • MD5

      da15c1fe1c9a2d3efe9e7b53897f8eac

    • SHA1

      b8ab3f56ef4f1b61ce6a2edd350fa28f8666fc05

    • SHA256

      8a46a011d7827831f39607087c7d21c7525f237794f67ec9e7fb86467199cc5f

    • SHA512

      9029186c5a00dfefd02429170fbd33b0fb7db9956d4748fbb504cf36b153ac35023a461e88500e7e217b4773d20076873b42d6e0ec32ae666c69189e7a4edb73

    • SSDEEP

      12288:6Rem0ZUxj7xBGTfdODeE0TjNRwiQwj7xBGTfdODeE0TjNRwiQy:2+Uh7GTVotCj3wiQU7GTVotCj3wiQy

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks