Overview

overview

8

Static

static

6430ce5805...d2.exe

windows7-x64

8

6430ce5805...d2.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6430ce58059a5226b0f53ed2d80379f003f10a7d4f572c7d826e0b5bc72615d2

  • Size

    273KB

  • Sample

    221127-dtp2mafa33

  • MD5

    34b4e405f7e04e4fca5118c2c6cca00a

  • SHA1

    1545b79ba4eb09fb998d8d3fbde674d635c7f857

  • SHA256

    6430ce58059a5226b0f53ed2d80379f003f10a7d4f572c7d826e0b5bc72615d2

  • SHA512

    d31b717c2132503396e5a793a4c4d4a0a704da5215527e31f4dfccd96d9bacc5a0c2716ad25c22b053dfd5e34780000cf1b5bfce0fb0f573be4accd35192f1b8

  • SSDEEP

    6144:9dhRj80o5VT354+NXNH5Pya+kwsDnl5xDZeNeOq0xGGujG:HhJkhV5kk1l5xDZueOq0xGGV

Score
8/10
persistence

Malware Config

Targets

    • Target

      6430ce58059a5226b0f53ed2d80379f003f10a7d4f572c7d826e0b5bc72615d2

    • Size

      273KB

    • MD5

      34b4e405f7e04e4fca5118c2c6cca00a

    • SHA1

      1545b79ba4eb09fb998d8d3fbde674d635c7f857

    • SHA256

      6430ce58059a5226b0f53ed2d80379f003f10a7d4f572c7d826e0b5bc72615d2

    • SHA512

      d31b717c2132503396e5a793a4c4d4a0a704da5215527e31f4dfccd96d9bacc5a0c2716ad25c22b053dfd5e34780000cf1b5bfce0fb0f573be4accd35192f1b8

    • SSDEEP

      6144:9dhRj80o5VT354+NXNH5Pya+kwsDnl5xDZeNeOq0xGGujG:HhJkhV5kk1l5xDZueOq0xGGV

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks