Overview

overview

6

Static

static

bc31f8fd49...c1.exe

windows7-x64

6

bc31f8fd49...c1.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bc31f8fd49a7aca2ed540cfb0ae4578a3f2de21ff81372bd53b1512305a636c1

  • Size

    105KB

  • Sample

    221124-qypymsgc74

  • MD5

    0942d79d41dd27d01c7b32c83d99260e

  • SHA1

    f5e794be5560543cf5945801c0909047cb0fa151

  • SHA256

    bc31f8fd49a7aca2ed540cfb0ae4578a3f2de21ff81372bd53b1512305a636c1

  • SHA512

    abbe39c1d11883e4accf6cf656d041bd1d7e7fcbe174e18e5b7295c8a7f6c119cef5c277b272a44f168669e088a1bfc106dc543a38af0b53dabbe3b605038fdb

  • SSDEEP

    1536:+cqzbkgDtYvutrYvutbyv6+Jg0hmKdUW//K6murUvT71Gzy/RhRo2c:+cqzbkz5McJlvd5/yurUvT71

Score
6/10
persistence

Malware Config

Targets

    • Target

      bc31f8fd49a7aca2ed540cfb0ae4578a3f2de21ff81372bd53b1512305a636c1

    • Size

      105KB

    • MD5

      0942d79d41dd27d01c7b32c83d99260e

    • SHA1

      f5e794be5560543cf5945801c0909047cb0fa151

    • SHA256

      bc31f8fd49a7aca2ed540cfb0ae4578a3f2de21ff81372bd53b1512305a636c1

    • SHA512

      abbe39c1d11883e4accf6cf656d041bd1d7e7fcbe174e18e5b7295c8a7f6c119cef5c277b272a44f168669e088a1bfc106dc543a38af0b53dabbe3b605038fdb

    • SSDEEP

      1536:+cqzbkgDtYvutrYvutbyv6+Jg0hmKdUW//K6murUvT71Gzy/RhRo2c:+cqzbkz5McJlvd5/yurUvT71

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks