Overview

overview

8

Static

static

93958bdc44...bb.exe

windows7-x64

8

93958bdc44...bb.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    93958bdc443cbbe120032a5b88dbd26154de641327d5c2090fe72f97cdd237bb

  • Size

    386KB

  • Sample

    221130-me7skabg46

  • MD5

    97137a28aa9e035be8e389ba13b750f3

  • SHA1

    35c3bdf7341b26c92ef151c1200fa882d1dc869c

  • SHA256

    93958bdc443cbbe120032a5b88dbd26154de641327d5c2090fe72f97cdd237bb

  • SHA512

    114ec38b58604477fbc2f05cbf1a808c4b8090831882aea38e66eddb54709fc0fae7f9d2d9ac5c72c16fe3b46906b16c2b1de2bc59eeef86e08774b5887f8dad

  • SSDEEP

    6144:frmpc/48BzsNwowduU7dY2PmJashzchJ9qOoIRBSC0q7wOO+TOTV:D+mtzsNwJY8a2PgJMHnRqIxy

Score
8/10
persistence

Malware Config

Targets

    • Target

      93958bdc443cbbe120032a5b88dbd26154de641327d5c2090fe72f97cdd237bb

    • Size

      386KB

    • MD5

      97137a28aa9e035be8e389ba13b750f3

    • SHA1

      35c3bdf7341b26c92ef151c1200fa882d1dc869c

    • SHA256

      93958bdc443cbbe120032a5b88dbd26154de641327d5c2090fe72f97cdd237bb

    • SHA512

      114ec38b58604477fbc2f05cbf1a808c4b8090831882aea38e66eddb54709fc0fae7f9d2d9ac5c72c16fe3b46906b16c2b1de2bc59eeef86e08774b5887f8dad

    • SSDEEP

      6144:frmpc/48BzsNwowduU7dY2PmJashzchJ9qOoIRBSC0q7wOO+TOTV:D+mtzsNwJY8a2PgJMHnRqIxy

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks