Overview

overview

8

Static

static

b079a64137...cd.exe

windows7-x64

8

b079a64137...cd.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b079a64137c6696c5ffb96a2b19d337772d9a7e304efa8e50d3093bdac20f7cd

  • Size

    321KB

  • Sample

    221125-h25jhadg8v

  • MD5

    59e8f070a9bdd632360c1d6d4613cfca

  • SHA1

    2b24b8f443799e0671f64d6de75e1cc0329c953c

  • SHA256

    b079a64137c6696c5ffb96a2b19d337772d9a7e304efa8e50d3093bdac20f7cd

  • SHA512

    c9a7b5559e912de1e592d652c334d304b1a498cf5299b17b9176bb05720601ce64489bdad50958950bc770e76a4733f4c441f63e1ac30ee9ada7f3a853cf3356

  • SSDEEP

    6144:Pw1NvVVPK/P7jIx0b6sy9JyvoP4jnRmhOzBrknTL7cuEBd9SV:iB3KHAf7Jyv+4jR/zGnTL7PEFSV

Score
8/10
persistence

Malware Config

Targets

    • Target

      b079a64137c6696c5ffb96a2b19d337772d9a7e304efa8e50d3093bdac20f7cd

    • Size

      321KB

    • MD5

      59e8f070a9bdd632360c1d6d4613cfca

    • SHA1

      2b24b8f443799e0671f64d6de75e1cc0329c953c

    • SHA256

      b079a64137c6696c5ffb96a2b19d337772d9a7e304efa8e50d3093bdac20f7cd

    • SHA512

      c9a7b5559e912de1e592d652c334d304b1a498cf5299b17b9176bb05720601ce64489bdad50958950bc770e76a4733f4c441f63e1ac30ee9ada7f3a853cf3356

    • SSDEEP

      6144:Pw1NvVVPK/P7jIx0b6sy9JyvoP4jnRmhOzBrknTL7cuEBd9SV:iB3KHAf7Jyv+4jR/zGnTL7PEFSV

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks