Overview

overview

6

Static

static

Anexo_Regi...SA.dll

windows7-x64

5

Anexo_Regi...SA.dll

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21d77f0a8ee870384b2f731d61cff76234e964a708cfbf032768ad5ef73d72e2

  • Size

    630KB

  • Sample

    221128-ebfwnscd95

  • MD5

    63ef2ef5d3ca61dabc4b4106664a59b9

  • SHA1

    ad75ddf52ca5c7970bfd3c81978a05fa8e280842

  • SHA256

    21d77f0a8ee870384b2f731d61cff76234e964a708cfbf032768ad5ef73d72e2

  • SHA512

    3b59fc496aed9d21fbf04d8deab573e1faada0116d15fd6deae725b414fb63dcf23d188ac5a2ae5775c20d5d5a870ade4ab4c07218c32e3a25af9ab6ef0fc955

  • SSDEEP

    12288:mQGV0d+4qxYKncMjcKqlIlv2JFHzyw2p/7oUiclOJpQ/eCv4Me/XC:mlHi3M8aw0JnvCQNNmC

Score
6/10
persistence

Malware Config

Targets

    • Target

      Anexo_Registro-PEFIN-SERASA.cpl

    • Size

      1.0MB

    • MD5

      c31baf4a8efca208382a4ba48542b4f1

    • SHA1

      b51ca167cbb1350ed4a1d70843eae52876f3f0c9

    • SHA256

      8f65dcdec1f883c5f7122bc11486637a428c9e308968558f4d86cb8b0243dcb2

    • SHA512

      31ce3d77092ce5ea4085f649669b37e18bc3da3bfb60cf97fc1394428842ce3f93e2fc339947a6ba844cdebec7a996493d419266788c07a33070c7c0912e9408

    • SSDEEP

      24576:unF21Q1dE4BcHDaAAxrPnLdgn4MR4vdcGpRBGTuwv91vCQrCEafeZH:E9z2VTuwvrvCQ2g

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks