General

  • Target

    880339c97ae7f35a39960bf9dc56b6ad7f38b8cfc9ea30a258656925f3908bf1

  • Size

    974KB

  • Sample

    221127-3bsggabf7v

  • MD5

    e60e92bd14d49e88a8d88158500af069

  • SHA1

    f451a07adab605cc9ff4910532cd08febf12769d

  • SHA256

    880339c97ae7f35a39960bf9dc56b6ad7f38b8cfc9ea30a258656925f3908bf1

  • SHA512

    a13a1160e2764a76d0d951a593ae9c5627c102eb822538acc62b40afa135d42a6308d4265218190bf3b46362d3e2f357068e26f6f846006e7de909f69c508cf8

  • SSDEEP

    12288:vhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4atDO9vJ/dXL+s8KFJG1GuK:1RmJkcoQricOIQxiZY1iat69lZ+m6wz

Score
8/10

Targets

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext
