Overview

overview

8

Static

static

44478c730a...35.exe

windows7-x64

8

44478c730a...35.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    44478c730a9eb20469084cc7abdcb20c1a70ca948d55cee9f5056f96f746f835

  • Size

    288KB

  • Sample

    221125-jvjh5afh8z

  • MD5

    54c32d7aabf7f8dcd6ed16cc8147fd12

  • SHA1

    5c4c219891f88c94b36fce3e696fc3d9b1680e80

  • SHA256

    44478c730a9eb20469084cc7abdcb20c1a70ca948d55cee9f5056f96f746f835

  • SHA512

    c9f0ba812f0d2153c5f124d3bb2ab913fc775813db2c2acd86515f09d991c865d956e31512defeb93e0e6d514d8c92ed21668d88d355f68f6ca02172848fa44b

  • SSDEEP

    6144:Gbu9uj8Pw2rZqabNzSPR4ZeY5VuiDjMsOxp6+vfUVMwT:Yu9oL2gONuJ4xDCxp6+vfm

Score
8/10
persistence

Malware Config

Targets

    • Target

      44478c730a9eb20469084cc7abdcb20c1a70ca948d55cee9f5056f96f746f835

    • Size

      288KB

    • MD5

      54c32d7aabf7f8dcd6ed16cc8147fd12

    • SHA1

      5c4c219891f88c94b36fce3e696fc3d9b1680e80

    • SHA256

      44478c730a9eb20469084cc7abdcb20c1a70ca948d55cee9f5056f96f746f835

    • SHA512

      c9f0ba812f0d2153c5f124d3bb2ab913fc775813db2c2acd86515f09d991c865d956e31512defeb93e0e6d514d8c92ed21668d88d355f68f6ca02172848fa44b

    • SSDEEP

      6144:Gbu9uj8Pw2rZqabNzSPR4ZeY5VuiDjMsOxp6+vfUVMwT:Yu9oL2gONuJ4xDCxp6+vfm

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks