Overview

overview

8

Static

static

379c95f63d...71.exe

windows7-x64

8

379c95f63d...71.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    379c95f63d000916d96c1763a17fac4ea41556ee0504719c441bd1902a403c71

  • Size

    96KB

  • Sample

    221128-pfl9csgf2z

  • MD5

    5bfdb95640c4d934f7286823d2f9e405

  • SHA1

    74cf5967e7869f58997731639022d528821b12b5

  • SHA256

    379c95f63d000916d96c1763a17fac4ea41556ee0504719c441bd1902a403c71

  • SHA512

    6e3c3b06fcdeaed7745dd0017fab16fffd8947daac52c20c70e6e552d00ad18b5921e33a84779becff22fd99a992940270bc6c1ecad949c31326a8f86dd6c701

  • SSDEEP

    1536:kYHfX4zn3zGR/tlwsFuUyYZkVT2qbi19KmAMxaiKRUdQszWZzLgotxE:kEoCjlpFnkVTK19VAMxBFaszGtxE

Score
8/10
persistence

Malware Config

Targets

    • Target

      379c95f63d000916d96c1763a17fac4ea41556ee0504719c441bd1902a403c71

    • Size

      96KB

    • MD5

      5bfdb95640c4d934f7286823d2f9e405

    • SHA1

      74cf5967e7869f58997731639022d528821b12b5

    • SHA256

      379c95f63d000916d96c1763a17fac4ea41556ee0504719c441bd1902a403c71

    • SHA512

      6e3c3b06fcdeaed7745dd0017fab16fffd8947daac52c20c70e6e552d00ad18b5921e33a84779becff22fd99a992940270bc6c1ecad949c31326a8f86dd6c701

    • SSDEEP

      1536:kYHfX4zn3zGR/tlwsFuUyYZkVT2qbi19KmAMxaiKRUdQszWZzLgotxE:kEoCjlpFnkVTK19VAMxBFaszGtxE

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks