Overview

overview

6

Static

static

47506e0121...27.exe

windows7-x64

6

47506e0121...27.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    47506e012136c549c1558a3d9d961e708830cefa6a66f639e508523dd4d22e27

  • Size

    40KB

  • Sample

    221127-tmvljaed2s

  • MD5

    34801b671c5f2a28338570c4c8677e8f

  • SHA1

    a9a2d0bcc5e2b21b000b3b3d2f67f573f94fdc49

  • SHA256

    47506e012136c549c1558a3d9d961e708830cefa6a66f639e508523dd4d22e27

  • SHA512

    755839402eef26bf270f722c25e6568a1fd73357e0a620829a80c2d271daa6cbb331d91a6ed72c844ce51afd7c51320d4b5af51bd5354beb4f28a392c3dbc98d

  • SSDEEP

    384:Hl+HmlMOPD+gPh6CtD9vpRaPz+ja+0ISY/z3kV5XaFAMCzwIBmgOlKG8Sf:FrlMmD+gPhhD9vpymQIfIGAZzwIBROF

Score
6/10
persistence

Malware Config

Targets

    • Target

      47506e012136c549c1558a3d9d961e708830cefa6a66f639e508523dd4d22e27

    • Size

      40KB

    • MD5

      34801b671c5f2a28338570c4c8677e8f

    • SHA1

      a9a2d0bcc5e2b21b000b3b3d2f67f573f94fdc49

    • SHA256

      47506e012136c549c1558a3d9d961e708830cefa6a66f639e508523dd4d22e27

    • SHA512

      755839402eef26bf270f722c25e6568a1fd73357e0a620829a80c2d271daa6cbb331d91a6ed72c844ce51afd7c51320d4b5af51bd5354beb4f28a392c3dbc98d

    • SSDEEP

      384:Hl+HmlMOPD+gPh6CtD9vpRaPz+ja+0ISY/z3kV5XaFAMCzwIBmgOlKG8Sf:FrlMmD+gPhhD9vpymQIfIGAZzwIBROF

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks