Overview

overview

6

Static

static

5

235b6923a2...86.exe

windows7-x64

6

235b6923a2...86.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    235b6923a233219747ef055aef038d7c601747c94cd60ae7e8451844206fe486

  • Size

    5.1MB

  • Sample

    221126-225n2sbh35

  • MD5

    8a97fbc511ca574924ab5375b9554653

  • SHA1

    a3708062c84c0022caedaf95b13846a886803cc8

  • SHA256

    235b6923a233219747ef055aef038d7c601747c94cd60ae7e8451844206fe486

  • SHA512

    a9fc67d4a8602fba238d3cb0dacfa03f3ca268fe1fa7b8e61bad546274fabfdaef18e8a612c8c67d89633611fb26d18201dfdca180d603d61c959feafb782ed6

  • SSDEEP

    98304:Og56Gel9Qv4omnSS5BX/Y1lQzL0nGY0d/4J46KdLBCBgNQZ2V9FTQZE:l5l4o2SE61+zLmG1dw2fC/Z2VnQZE

Score
6/10
persistence

Malware Config

Targets

    • Target

      235b6923a233219747ef055aef038d7c601747c94cd60ae7e8451844206fe486

    • Size

      5.1MB

    • MD5

      8a97fbc511ca574924ab5375b9554653

    • SHA1

      a3708062c84c0022caedaf95b13846a886803cc8

    • SHA256

      235b6923a233219747ef055aef038d7c601747c94cd60ae7e8451844206fe486

    • SHA512

      a9fc67d4a8602fba238d3cb0dacfa03f3ca268fe1fa7b8e61bad546274fabfdaef18e8a612c8c67d89633611fb26d18201dfdca180d603d61c959feafb782ed6

    • SSDEEP

      98304:Og56Gel9Qv4omnSS5BX/Y1lQzL0nGY0d/4J46KdLBCBgNQZ2V9FTQZE:l5l4o2SE61+zLmG1dw2fC/Z2VnQZE

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks