Overview

overview

8

Static

static

225589564f...34.exe

windows7-x64

8

225589564f...34.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    225589564f0a0f468c9341860348c074522baf69d2dbb1ce6d0fa137f369f334

  • Size

    579KB

  • Sample

    221127-t2ehvsbh33

  • MD5

    80b8e1ea0247de9050d306969f85681a

  • SHA1

    bce265a1c011316a4b4423472c118ff82d057cc1

  • SHA256

    225589564f0a0f468c9341860348c074522baf69d2dbb1ce6d0fa137f369f334

  • SHA512

    57b2ed0a009b80fdd21b7cc48b802e3bbb4fb8dbbdf9f8e083521919d8c6a68b6fe9d1f394851e8c872a0cdb99a1852cab2e046027504868690651f8f76f0ab6

  • SSDEEP

    6144:6Z1YYjDZwI/MPNPE4Q0HiHgy7EB8B/r5vIlHgNiUoT1HbBX2QGeaWUHVafe0c:K1YOMtE4Q0ugy7EB8lAuinTXXmdj

Score
8/10
persistence

Malware Config

Targets

    • Target

      225589564f0a0f468c9341860348c074522baf69d2dbb1ce6d0fa137f369f334

    • Size

      579KB

    • MD5

      80b8e1ea0247de9050d306969f85681a

    • SHA1

      bce265a1c011316a4b4423472c118ff82d057cc1

    • SHA256

      225589564f0a0f468c9341860348c074522baf69d2dbb1ce6d0fa137f369f334

    • SHA512

      57b2ed0a009b80fdd21b7cc48b802e3bbb4fb8dbbdf9f8e083521919d8c6a68b6fe9d1f394851e8c872a0cdb99a1852cab2e046027504868690651f8f76f0ab6

    • SSDEEP

      6144:6Z1YYjDZwI/MPNPE4Q0HiHgy7EB8B/r5vIlHgNiUoT1HbBX2QGeaWUHVafe0c:K1YOMtE4Q0ugy7EB8lAuinTXXmdj

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks