General

  • Target

    e1755eab1c4b2710cc304ea33727b5770de39cf265a575c0f4250ddb1594960e

  • Size

    158KB

  • Sample

    221203-3gwfbafa63

  • MD5

    5a01c350dcb66ffb4b627ac59c8ce794

  • SHA1

    520a17593a4c0cb8ad27a4e6c033882724d126df

  • SHA256

    e1755eab1c4b2710cc304ea33727b5770de39cf265a575c0f4250ddb1594960e

  • SHA512

    290beea3065af278ac92c53663b71ecf72f0c582d15ee0d224eb308e582091e1e75d2e3af1e9d952d50924183b2b8d87484f13523d4f2f3611d5d22bb82ec35e

  • SSDEEP

    3072:2jvXGphAjSteGi0p+XsRf8yNqXBehq+8Qa8X0/j/PrAQfS7SAD0:kPGphAjjb0IXCfGec+w8dHzD

Score
8/10

Malware Config

Targets

    Score
    8/10

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Registry Run Keys / Startup Folder (T1060): 1

  • Defense Evasion

    Modify Registry (T1112): 2

Tasks