Overview

overview

6

Static

static

3a49b660f8...6e.exe

windows7-x64

6

3a49b660f8...6e.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3a49b660f81c66e17894f19222c24719af63275376cf21714eed6b28629be86e

  • Size

    1.8MB

  • Sample

    221125-z8p6tsah91

  • MD5

    12ccc6110263e5897cd4e46f8d4650d6

  • SHA1

    05e0a1118fbd7ad820202511e8daf9ccca654b5f

  • SHA256

    3a49b660f81c66e17894f19222c24719af63275376cf21714eed6b28629be86e

  • SHA512

    0806fda202ff3163b0bf0e21e7f71428594ab77c296f29a9c9efacacf6eba5b04ff505d50c0b50d1cf842938ba3122e0408c387132490e2bccbd014030c7cf53

  • SSDEEP

    49152:Vj0w/x7GGdWl/MyQZouaSb8KBHKrXtzXs7:/x76FMPo1IHKbtz

Score
6/10
collectionpersistence

Malware Config

Targets

    • Target

      3a49b660f81c66e17894f19222c24719af63275376cf21714eed6b28629be86e

    • Size

      1.8MB

    • MD5

      12ccc6110263e5897cd4e46f8d4650d6

    • SHA1

      05e0a1118fbd7ad820202511e8daf9ccca654b5f

    • SHA256

      3a49b660f81c66e17894f19222c24719af63275376cf21714eed6b28629be86e

    • SHA512

      0806fda202ff3163b0bf0e21e7f71428594ab77c296f29a9c9efacacf6eba5b04ff505d50c0b50d1cf842938ba3122e0408c387132490e2bccbd014030c7cf53

    • SSDEEP

      49152:Vj0w/x7GGdWl/MyQZouaSb8KBHKrXtzXs7:/x76FMPo1IHKbtz

    Score
    6/10
    collectionpersistence

    • Accesses Microsoft Outlook profiles

      collection

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks