Overview

overview

6

Static

static

5

f5ddb0430b...cc.exe

windows7-x64

6

f5ddb0430b...cc.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5ddb0430b0c39176430de7df22e2c8c9de4ce3851bbe94a6024fd8643ccf8cc

  • Size

    4.0MB

  • Sample

    221128-skb6qsge5y

  • MD5

    f7b642a4138a4c0341680dfaf279e526

  • SHA1

    7cfa9b385e7a24bffe0c47140630a56a6f48be4d

  • SHA256

    f5ddb0430b0c39176430de7df22e2c8c9de4ce3851bbe94a6024fd8643ccf8cc

  • SHA512

    a46bdac699c27a7c2313d3e958ef86400e01214ca3a3042210c8f71bea726790467904d6b5ea11a628c3ec5fa02add71070c2dfeb70c91cf79a4eb47204b8d62

  • SSDEEP

    98304:kg56IT2uBlWo3WeIKRNF/RxDQSz5yv4cOnn9S:z5FDWSRNFJz5yv4cOnc

Score
6/10
collectionpersistence

Malware Config

Targets

    • Target

      f5ddb0430b0c39176430de7df22e2c8c9de4ce3851bbe94a6024fd8643ccf8cc

    • Size

      4.0MB

    • MD5

      f7b642a4138a4c0341680dfaf279e526

    • SHA1

      7cfa9b385e7a24bffe0c47140630a56a6f48be4d

    • SHA256

      f5ddb0430b0c39176430de7df22e2c8c9de4ce3851bbe94a6024fd8643ccf8cc

    • SHA512

      a46bdac699c27a7c2313d3e958ef86400e01214ca3a3042210c8f71bea726790467904d6b5ea11a628c3ec5fa02add71070c2dfeb70c91cf79a4eb47204b8d62

    • SSDEEP

      98304:kg56IT2uBlWo3WeIKRNF/RxDQSz5yv4cOnn9S:z5FDWSRNFJz5yv4cOnc

    Score
    6/10
    collectionpersistence

    • Accesses Microsoft Outlook profiles

      collection

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks