General

  • Target

    519a4655f121a0d225c90544bb38a01efdaf51e00dc3b42ed88254169de50c2a

  • Size

    187KB

  • Sample

    221124-x429gsha3t

  • MD5

    5ebe8380dfc5f8943ccaf7b213325f35

  • SHA1

    7928df89a5e15b177330d02d2d814b91ab6ab155

  • SHA256

    519a4655f121a0d225c90544bb38a01efdaf51e00dc3b42ed88254169de50c2a

  • SHA512

    9f03e856d3fdf1e32a454038363cadb2d6128ec6b0fe2a9f81f442121518a03e0a7ad0509e506803095bc7efa965e780c9b49ec15a14c3cf84df3f6dc731a663

  • SSDEEP

    3072:Ws2znCyxCcOzWwLR347Uol5zvgB0hzblsVYfiOm7IBu:wzKhLR3HUvg2zblsVY3m78u

Score
8/10

Targets

    • Target

      519a4655f121a0d225c90544bb38a01efdaf51e00dc3b42ed88254169de50c2a

    (Size and MD5/SHA1/SHA256/SHA512/SSDEEP values are identical to the General section above.)

    Score
    8/10

    Signatures

    • Blocklisted process makes network request
    • Downloads MZ/PE file
    • Executes dropped EXE
    • Deletes itself
    • Loads dropped DLL
    • Suspicious use of SetThreadContext
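
The hash fields above are what an analyst uses to confirm that a file pulled from a host or a share is this exact submission, and the "Downloads MZ/PE file" signature is a header check a sandbox applies to anything the process writes or fetches. The following is an added example, not code from the report or from the sandbox vendor: it embeds the report's MD5/SHA1/SHA256/SHA512 values, computes the same digests over a file or byte string, and reproduces the MZ/PE header check (DOS "MZ" magic, e_lfanew at offset 0x3C, "PE\0\0" at e_lfanew). The STUB_PE and STUB_NOT_PE inputs are constructed for demonstration and are not the sample. SSDEEP is not in the standard library; with the py-ssdeep package, `ssdeep.compare(a, b)` gives the similarity score against the report's fuzzy hash.

```python
import hashlib
import struct

# Hash values copied from the report's General section; the Target name is the SHA256.
REPORT_HASHES = {
    "md5": "5ebe8380dfc5f8943ccaf7b213325f35",
    "sha1": "7928df89a5e15b177330d02d2d814b91ab6ab155",
    "sha256": "519a4655f121a0d225c90544bb38a01efdaf51e00dc3b42ed88254169de50c2a",
    "sha512": ("9f03e856d3fdf1e32a454038363cadb2d6128ec6b0fe2a9f81f442121518a03e"
               "0a7ad0509e506803095bc7efa965e780c9b49ec15a14c3cf84df3f6dc731a663"),
}


def hash_bytes(data: bytes) -> dict:
    """Compute the same four digests the report lists, as lowercase hex."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file from disk so a large sample does not have to fit in memory."""
    hashers = {alg: hashlib.new(alg) for alg in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def matches_report(digests: dict) -> dict:
    """Per-algorithm comparison against the report; a missing algorithm counts as a mismatch."""
    return {alg: digests.get(alg, "").lower() == expected
            for alg, expected in REPORT_HASHES.items()}


def is_report_sample(digests: dict) -> bool:
    """True only when every listed digest agrees; a single match (e.g. MD5 alone) is not enough."""
    return all(matches_report(digests).values())


def looks_like_pe(data: bytes) -> bool:
    """Header check behind the 'Downloads MZ/PE file' signature:
    'MZ' magic, a 32-bit e_lfanew at 0x3C, and 'PE\\0\\0' at that offset."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 4 > len(data):  # pointer outside the buffer: truncated or not a PE
        return False
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


# Constructed inputs (not the sample): a minimal DOS header whose e_lfanew points at a
# PE signature at offset 0x40, and a near-miss that has the MZ magic but no PE signature.
STUB_PE = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00" + b"\x00" * 20
STUB_NOT_PE = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"NOPE"


if __name__ == "__main__":
    digests = hash_bytes(STUB_PE)
    print("PE header present:", looks_like_pe(STUB_PE))
    print("is the report's sample:", is_report_sample(digests), matches_report(digests))
```

To check a file recovered from a host, call `is_report_sample(hash_file(path))`; comparing all four digests rather than MD5 alone avoids being misled by a collision or a mistyped value.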

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic           Technique                      ID     Count
  Defense Evasion  Modify Registry                T1112  1
  Discovery        System Information Discovery   T1082  3
  Discovery        Query Registry                 T1012  2
  Discovery        Peripheral Device Discovery    T1120  1

  (Count is the number of matched signatures the report attributes to each technique.)