Overview

overview

6

Static

static

Anexo - 88...84.dll

windows7-x64

5

Anexo - 88...84.dll

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5e6f446d16656f177de32fce2ff5ea94436c3600451ab84ef9342a9be45687c

  • Size

    592KB

  • Sample

    221124-rhrmzada6z

  • MD5

    4036907e20cd7538c57116a325758eda

  • SHA1

    9acd13844f8af8c8998dbbdcbc20b3ea58a1d6ff

  • SHA256

    f5e6f446d16656f177de32fce2ff5ea94436c3600451ab84ef9342a9be45687c

  • SHA512

    43bd71a2f947db14adb07f58b867caf0e044873643925ffb470a32dc152bed762c744fe4d5f2419ea0801e7837d71e3415ab0505b66591bb0e1bb66b04884a92

  • SSDEEP

    12288:sNy1JAUULetQtyrBanZa1ssNFnnfzKUAcjOJpQveCv2fxMWh1:my1JOcQZnwyYb5LCQ96V1

Score
6/10
persistence

Malware Config

Targets

    • Target

      Anexo - 884910003984.cpl

    • Size

      1004KB

    • MD5

      c76d0f70d6bca4d82ffd570530d7d6b4

    • SHA1

      74e70da6952c6c0fede84114d5a1fe483811b633

    • SHA256

      95b4e1cd0e79fe99235aed4be1746b7685b1de71b28f0f23794527909c0f22eb

    • SHA512

      4b974cc165437479e32b56ffd1159783dd701a1b2395c1181b28770241e3b435955a7341f29ea284cd8e3a45a4d1220828ac5a884d2b7e3ae4a084034f171fd7

    • SSDEEP

      24576:SRZvpR6IGilzTRdOy5xeEFuTMwvx1vCQrCje:ObL0rTMwvfvCQ2q

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks