Overview

overview

8

Static

static

1

d1c7b7a343...0d.exe

windows7-x64

8

d1c7b7a343...0d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d1c7b7a343c56e560419afb3c0492e2616b0057d604a9abb6153b84b1a7eca0d

  • Size

    79KB

  • Sample

    221128-dxpv2afc8t

  • MD5

    2e555a0c5387b69d49b1a23655e5e433

  • SHA1

    b439f0d86b4527b690126dbf039c20c9e8b9be6b

  • SHA256

    d1c7b7a343c56e560419afb3c0492e2616b0057d604a9abb6153b84b1a7eca0d

  • SHA512

    75f3dd466c36b720401d89be2a3352a5fc6b6648c71eb1cf6ded5d70be4c117c99e31f1e6388963babcce4a778ae500538d88b656f7b74e02db2fac51da3738f

  • SSDEEP

    1536:DQpQ5EP0ijnRTXJ+MthJ0sLKu6alRjILCbIH5IKNFn:DQIURTXJ+MzJ0fqOLeIHN

Score
8/10
persistence

Malware Config

Targets

    • Target

      d1c7b7a343c56e560419afb3c0492e2616b0057d604a9abb6153b84b1a7eca0d

    • Size

      79KB

    • MD5

      2e555a0c5387b69d49b1a23655e5e433

    • SHA1

      b439f0d86b4527b690126dbf039c20c9e8b9be6b

    • SHA256

      d1c7b7a343c56e560419afb3c0492e2616b0057d604a9abb6153b84b1a7eca0d

    • SHA512

      75f3dd466c36b720401d89be2a3352a5fc6b6648c71eb1cf6ded5d70be4c117c99e31f1e6388963babcce4a778ae500538d88b656f7b74e02db2fac51da3738f

    • SSDEEP

      1536:DQpQ5EP0ijnRTXJ+MthJ0sLKu6alRjILCbIH5IKNFn:DQIURTXJ+MzJ0fqOLeIHN

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks