Overview

overview

7

Static

static

1

ykuBL9i61d.exe

windows7-x64

5

ykuBL9i61d.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ykuBL9i61d.exe

  • Size

    729KB

  • Sample

    230319-b39raaed56

  • MD5

    5a6e2372cf092d16435162af7b23de62

  • SHA1

    e4c1e54aca0eacc3675bd7db4ec92f11979aefcb

  • SHA256

    91c3b2b0be1ba25c0234fed681c1506e6396624d019c4e8626da7fd7d55c3694

  • SHA512

    d5029c0e6d31d9e8526e7ef3cd28743c45ae0971bbc642bcbb73e8a9f99a5dc6174598542e93b49bb38651a0c11dc3e9fe0fc759e40a0e5564cb5e7ef29dbb60

  • SSDEEP

    12288:srto7EbSb958GjpjDK4i0oAGqj+3hPebgB2iFnDT+bKOwONz5J5JrRjH:srtoYbSb958gjugoAGZhPGgIubAd9Jrd

Score
7/10
collection

Malware Config

Targets

    • Target

      ykuBL9i61d.exe

    • Size

      729KB

    • MD5

      5a6e2372cf092d16435162af7b23de62

    • SHA1

      e4c1e54aca0eacc3675bd7db4ec92f11979aefcb

    • SHA256

      91c3b2b0be1ba25c0234fed681c1506e6396624d019c4e8626da7fd7d55c3694

    • SHA512

      d5029c0e6d31d9e8526e7ef3cd28743c45ae0971bbc642bcbb73e8a9f99a5dc6174598542e93b49bb38651a0c11dc3e9fe0fc759e40a0e5564cb5e7ef29dbb60

    • SSDEEP

      12288:srto7EbSb958GjpjDK4i0oAGqj+3hPebgB2iFnDT+bKOwONz5J5JrRjH:srtoYbSb958gjugoAGZhPGgIubAd9Jrd

    Score
    7/10
    collection

    • .NET Reactor proctector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks