Overview

overview

8

Static

static

80f0c45f7d...bf.exe

windows7-x64

8

80f0c45f7d...bf.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    80f0c45f7d42275ec4b26daadc5848544dc0fcfec3f2202b38e83ede2d9e9ebf

  • Size

    102KB

  • Sample

    221125-jee6rseg31

  • MD5

    0d526a581fe37551f95090b34b3f8539

  • SHA1

    b792f38aae08343dabf1a17ec5d9180d9492c376

  • SHA256

    80f0c45f7d42275ec4b26daadc5848544dc0fcfec3f2202b38e83ede2d9e9ebf

  • SHA512

    c2fb51796c5454b14831cc74510792bf949f60ad05e9afd682506a5594be7c3980e2aaeca64a347aa9c774ff2bc83361c4d3d173fce2a4265813ab00e1c29ee9

  • SSDEEP

    3072:65ACQjVyPZZkIVrjQ/BvA7rvjHY4Zx/Woa:8myPZF1AvUrvjHYo/

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      80f0c45f7d42275ec4b26daadc5848544dc0fcfec3f2202b38e83ede2d9e9ebf

    • Size

      102KB

    • MD5

      0d526a581fe37551f95090b34b3f8539

    • SHA1

      b792f38aae08343dabf1a17ec5d9180d9492c376

    • SHA256

      80f0c45f7d42275ec4b26daadc5848544dc0fcfec3f2202b38e83ede2d9e9ebf

    • SHA512

      c2fb51796c5454b14831cc74510792bf949f60ad05e9afd682506a5594be7c3980e2aaeca64a347aa9c774ff2bc83361c4d3d173fce2a4265813ab00e1c29ee9

    • SSDEEP

      3072:65ACQjVyPZZkIVrjQ/BvA7rvjHY4Zx/Woa:8myPZF1AvUrvjHYo/

    Score
    8/10
    evasionpersistence

    • Creates new service(s)

      persistence

    • Drops file in Drivers directory

    • Stops running service(s)

      evasion

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

New Service

1
T1050

Modify Existing Service

1
T1031

Privilege Escalation

New Service

1
T1050

Defense Evasion

Impair Defenses

1
T1562

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

1
T1489

Tasks