Overview

overview

8

Static

static

5dab510885...61.exe

windows7-x64

8

5dab510885...61.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5dab5108857805f7535aaf5b8cb54ba289827e61

  • Size

    116KB

  • Sample

    230202-qyd65sca3y

  • MD5

    21102185c207602505d45019f5d782b9

  • SHA1

    5dab5108857805f7535aaf5b8cb54ba289827e61

  • SHA256

    3edf6c1c8d5cdde00dc21d20523fc815816165d951cea34ff2ebcd6f00b16ffd

  • SHA512

    0e23dc3ad9171c86a74f58452d8b7871a147b3d1cdd4550df93bf5c74b1a3661e76da106b1f6ea9b080b2f7cec4d66ba8f1cffbf757d049ed5f1a0c68dcbe247

  • SSDEEP

    3072:77Z/40Gq94BICd5X2NShaMJ0ejq6+l0Yt2EKL4niDjd:7z4BjdqMaoHB194Gx

Score
8/10
persistence

Malware Config

Targets

    • Target

      5dab5108857805f7535aaf5b8cb54ba289827e61

    • Size

      116KB

    • MD5

      21102185c207602505d45019f5d782b9

    • SHA1

      5dab5108857805f7535aaf5b8cb54ba289827e61

    • SHA256

      3edf6c1c8d5cdde00dc21d20523fc815816165d951cea34ff2ebcd6f00b16ffd

    • SHA512

      0e23dc3ad9171c86a74f58452d8b7871a147b3d1cdd4550df93bf5c74b1a3661e76da106b1f6ea9b080b2f7cec4d66ba8f1cffbf757d049ed5f1a0c68dcbe247

    • SSDEEP

      3072:77Z/40Gq94BICd5X2NShaMJ0ejq6+l0Yt2EKL4niDjd:7z4BjdqMaoHB194Gx

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks