Resubmissions

01/03/2023, 18:23    230301-w1gb6sha7t    10
01/03/2023, 18:17    230301-wxflgahe47    10
01/03/2023, 18:07    230301-wqd43aha4s    10

General

  • Target: review-2023-26.one
  • Size: 4.2MB
  • Sample: 230301-wxflgahe47
  • MD5: 8aa44a2b3e5d1828dba11cd1401f6b2f
  • SHA1: 24544fc683559e6fdbdb9a86a175d86b1a7f5b43
  • SHA256: 24b010b16ac4782f7d7959f202d9dd1b4fe11040e1fd56310ce6fac7f74bba27
  • SHA512: 73b3c543ce23cd18cff9c903d6d3183abaeee92b4e6de65303964f58a6be0aa38ade8415b96b32aa1a9b4d9561425e114ef01c24e52f6179ba6166aca2601e73
  • SSDEEP: 98304:opYFYbIv+IyfvK3iZzzIjMtymjxKJmBR:9kIv+XC3iZveMtyWx3

Score: 10/10

Malware Config

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks