General

  • Target

    9513e8f3589c60c043962657989ca9854a4804bc67aac06d53e58353fb355f73

  • Size

    112KB

  • Sample

    221203-2cparsah67

  • MD5

    9cb9f8e32e51ecef897563c0f5e8cd85

  • SHA1

    2bc90dbb1efe3982cba4a6367af726f82c2aa79a

  • SHA256

    9513e8f3589c60c043962657989ca9854a4804bc67aac06d53e58353fb355f73

  • SHA512

    b1b947a960bcf285488e3d69f32de8ddffeb4552c4f8da2f2ff98d9d6301ec4f59311b6a845b28fec62c2664032a4999996921cb518a3caee1e302930e97b3c0

  • SSDEEP

    384:6FVe6h5aBTLhyQnPLmlmFwlyyB5f3ggWBh9tsLGhqaaFlHmzTGf8:6NadL80My45fgFh9tsLDQzTGf

Score
10/10

Targets

    • Target

      9513e8f3589c60c043962657989ca9854a4804bc67aac06d53e58353fb355f73

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
