Overview

overview

8

Static

static

b52230ba07...49.exe

windows7-x64

8

b52230ba07...49.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b52230ba0750810d362bf8f58f0332eec710ce0e6b61fd89b68d0dc108f53449

  • Size

    1.1MB

  • Sample

    221201-xrxs8seh6x

  • MD5

    39ecc70c2d2baf144d81c8a8c930c064

  • SHA1

    bd2313bed774d4804de7e2ce65a9820c81a91c73

  • SHA256

    b52230ba0750810d362bf8f58f0332eec710ce0e6b61fd89b68d0dc108f53449

  • SHA512

    bb8a79f8336b8de9150bc59274bd762a20eee2a900a1592e6f87bd18a32af0f3f359e556549016ec67fb701d082440c8d76b9ec9196dffa839e358912fd2e8a9

  • SSDEEP

    24576:PC7I14/6ZNetmSwfC7lZwhgppoud4UvMt:qk7Md

Score
8/10
microsoftpersistencephishing

Malware Config

Targets

    • Target

      b52230ba0750810d362bf8f58f0332eec710ce0e6b61fd89b68d0dc108f53449

    • Size

      1.1MB

    • MD5

      39ecc70c2d2baf144d81c8a8c930c064

    • SHA1

      bd2313bed774d4804de7e2ce65a9820c81a91c73

    • SHA256

      b52230ba0750810d362bf8f58f0332eec710ce0e6b61fd89b68d0dc108f53449

    • SHA512

      bb8a79f8336b8de9150bc59274bd762a20eee2a900a1592e6f87bd18a32af0f3f359e556549016ec67fb701d082440c8d76b9ec9196dffa839e358912fd2e8a9

    • SSDEEP

      24576:PC7I14/6ZNetmSwfC7lZwhgppoud4UvMt:qk7Md

    Score
    8/10
    persistencemicrosoftphishing

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks