Overview

overview

6

Static

static

51b4cf5832...56.exe

windows7-x64

5

51b4cf5832...56.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    51b4cf58323ad7ab82b0c6e608f5618bf12c15175224a02666f01062e25f7a56

  • Size

    205KB

  • Sample

    221126-22cm9sfb7z

  • MD5

    9c11fce9426735b38d65aaab7ac52ac1

  • SHA1

    6681cfcd27aa72f7af69f1800c2d9fd3bb6e0e6e

  • SHA256

    51b4cf58323ad7ab82b0c6e608f5618bf12c15175224a02666f01062e25f7a56

  • SHA512

    381ca6a177df0222d9f29e8a4078f531c9c249deccba08c8af3d6573507876c086918c59720a4ed287bb864b1bf70ec5b93b1784f81cd66afcc6303454d57f43

  • SSDEEP

    1536:Z2EoFMbYj5ZrIUbJX7+7fHYiJUP0k1A9WPhRkBBABywTmKFwB3r5Icdear:5U9Rb1hsfoTkBBoyUjFwVFI6ea

Score
6/10
persistence

Malware Config

Targets

    • Target

      51b4cf58323ad7ab82b0c6e608f5618bf12c15175224a02666f01062e25f7a56

    • Size

      205KB

    • MD5

      9c11fce9426735b38d65aaab7ac52ac1

    • SHA1

      6681cfcd27aa72f7af69f1800c2d9fd3bb6e0e6e

    • SHA256

      51b4cf58323ad7ab82b0c6e608f5618bf12c15175224a02666f01062e25f7a56

    • SHA512

      381ca6a177df0222d9f29e8a4078f531c9c249deccba08c8af3d6573507876c086918c59720a4ed287bb864b1bf70ec5b93b1784f81cd66afcc6303454d57f43

    • SSDEEP

      1536:Z2EoFMbYj5ZrIUbJX7+7fHYiJUP0k1A9WPhRkBBABywTmKFwB3r5Icdear:5U9Rb1hsfoTkBBoyUjFwVFI6ea

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks