Overview

overview

10

Static

static

147ffef495...28.exe

windows7-x64

10

147ffef495...28.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    147ffef495ae38c69c45a6823e3d8c08d87289d077fbb0041f1e3ac0842a7428

  • Size

    112KB

  • Sample

    221125-j7g6tsdc78

  • MD5

    7e1b3552952c0df1b1e7b6eac8d73b03

  • SHA1

    18dd6c4f67e650e3fb5fb8179db0f4554a70e529

  • SHA256

    147ffef495ae38c69c45a6823e3d8c08d87289d077fbb0041f1e3ac0842a7428

  • SHA512

    6366ef5c7692bdad462689bfad5b26677b52bbb9b62b1d65b4546d9cc0700a2596ededb71a8e910c4c7b6eaa6ad957dd871b6d03cd36aa4f66dba9dc154ede77

  • SSDEEP

    1536:p32jxn6koA6iHSPuCgRoD7yTgQEsoxYyJ8O6+MrPZI8VOFLCwCiLEw9m:stnJogRsyTANF6/riFLpCQZ9m

Score
10/10
persistence

Malware Config

Targets

    • Target

      147ffef495ae38c69c45a6823e3d8c08d87289d077fbb0041f1e3ac0842a7428

    • Size

      112KB

    • MD5

      7e1b3552952c0df1b1e7b6eac8d73b03

    • SHA1

      18dd6c4f67e650e3fb5fb8179db0f4554a70e529

    • SHA256

      147ffef495ae38c69c45a6823e3d8c08d87289d077fbb0041f1e3ac0842a7428

    • SHA512

      6366ef5c7692bdad462689bfad5b26677b52bbb9b62b1d65b4546d9cc0700a2596ededb71a8e910c4c7b6eaa6ad957dd871b6d03cd36aa4f66dba9dc154ede77

    • SSDEEP

      1536:p32jxn6koA6iHSPuCgRoD7yTgQEsoxYyJ8O6+MrPZI8VOFLCwCiLEw9m:stnJogRsyTANF6/riFLpCQZ9m

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    • Modifies WinLogon

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks