26dd89268839f81f51f5d50e6855bf457d4f916bedbcf2341d1fa235134a13a1 | Triage

Submit
Reports

Overview

overview

Static

static

campaign_3...ee7.7z

windows7-x64

3

campaign_3...ee7.7z

windows10-2004-x64

Resubmissions

25-11-2022 23:32

221125-3h9z4aeg73 1

25-11-2022 23:11

221125-259r6sgg3z 10

Sharing

General

Target

campaign_312-633aed5da8a1e15dd296b1e408bd2ee7.7z
Size

7.2MB
Sample

221125-259r6sgg3z
MD5

633aed5da8a1e15dd296b1e408bd2ee7
SHA1

be1a9bec12fde32b4a17d245346c01145e89a810
SHA256

26dd89268839f81f51f5d50e6855bf457d4f916bedbcf2341d1fa235134a13a1
SHA512

0c620a191d97880421b6c86d53c7d98a2b52b218e521f0dd6451bf8d8420c3a029c33deb74b8019bd490577cc20b7a94f8338d8b15d97cc9116fffb9b1683a74
SSDEEP

98304:i8p2E3sfzRHjpBq+AfuQWzB7M+TdNocYea5Mv4iruwNPD9r0RO1si8XEc7HOFcM9:lp2EERuLfrW9ckPrVN79AXvuFcgSUmR2

Score

10^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

campaign_312-633aed5da8a1e15dd296b1e408bd2ee7.7z

Resource

win7-20220812-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

campaign_312-633aed5da8a1e15dd296b1e408bd2ee7.7z

Resource

win10v2004-20220901-en

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  campaign_312-633aed5da8a1e15dd296b1e408bd2ee7.7z
- Size
  
  7.2MB
- MD5
  
  633aed5da8a1e15dd296b1e408bd2ee7
- SHA1
  
  be1a9bec12fde32b4a17d245346c01145e89a810
- SHA256
  
  26dd89268839f81f51f5d50e6855bf457d4f916bedbcf2341d1fa235134a13a1
- SHA512
  
  0c620a191d97880421b6c86d53c7d98a2b52b218e521f0dd6451bf8d8420c3a029c33deb74b8019bd490577cc20b7a94f8338d8b15d97cc9116fffb9b1683a74
- SSDEEP
  
  98304:i8p2E3sfzRHjpBq+AfuQWzB7M+TdNocYea5Mv4iruwNPD9r0RO1si8XEc7HOFcM9:lp2EERuLfrW9ckPrVN79AXvuFcgSUmR2
Score

10^/10

persistence
- Modifies system executable filetype association
  persistence
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Registers COM server for autorun
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy