General

  • Target

    73e10ada23b2432c979712c999ef0d9650f06eb1fda3a1da79ab7a80ccbca944

  • Size

    3.8MB

  • Sample

    230116-ewtm9sda6z

  • MD5

    8e9509369f821b09d81b5c3305fba76f

  • SHA1

    79717c039c61d8dafa748f62e949eefe9b019c0b

  • SHA256

    73e10ada23b2432c979712c999ef0d9650f06eb1fda3a1da79ab7a80ccbca944

  • SHA512

    517b9377f07f5faf68f684b647cefbdfa0c423ab3842fdd85f4d5abb367fa1abd7bfa6ed7282ce32777cc70049223f298ff713231d9f78bfab06ee1f5d4e5e2a

  • SSDEEP

    98304:uGbIlvAq+fTmM2xntJa7IwQBwTDxINNqv4p:1bIlvAnynLW5Qk8

Score
10/10

Malware Config

Targets

    • Target

      73e10ada23b2432c979712c999ef0d9650f06eb1fda3a1da79ab7a80ccbca944

    • Size

      3.8MB

    • MD5

      8e9509369f821b09d81b5c3305fba76f

    • SHA1

      79717c039c61d8dafa748f62e949eefe9b019c0b

    • SHA256

      73e10ada23b2432c979712c999ef0d9650f06eb1fda3a1da79ab7a80ccbca944

    • SHA512

      517b9377f07f5faf68f684b647cefbdfa0c423ab3842fdd85f4d5abb367fa1abd7bfa6ed7282ce32777cc70049223f298ff713231d9f78bfab06ee1f5d4e5e2a

    • SSDEEP

      98304:uGbIlvAq+fTmM2xntJa7IwQBwTDxINNqv4p:1bIlvAnynLW5Qk8

    Score
    10/10

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Drops file in Drivers directory

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks