Overview

overview

8

Static

static

3

P~.exe

windows7-x64

8

P~.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    P~

  • Size

    592KB

  • Sample

    230513-3vfl1scd2y

  • MD5

    25a6a9482b7864a92512b88cff4db1c1

  • SHA1

    f716e7fdcb21b2c4db133bab7067932fa25b518d

  • SHA256

    4c5ed1a14c6605d93ed0b217027531413c449a7b4e3fc994901ec64868c4d33a

  • SHA512

    e3e95030cc04e96285c961eb916eca102f21673d1ae7012b50882992081ad4ae7096749edaefa6f5bcf997f89158efe6847c315c5efc3ce6371167f360353414

  • SSDEEP

    12288:3Qk5pRUaw0gX6VB2PCsnv0oyOsMoFDem6P5CKaEvxcPekwjg:t573w0K6VB+OoyXMoxu5fCPekwk

Score
8/10
persistence

Malware Config

Targets

    • Target

      P~

    • Size

      592KB

    • MD5

      25a6a9482b7864a92512b88cff4db1c1

    • SHA1

      f716e7fdcb21b2c4db133bab7067932fa25b518d

    • SHA256

      4c5ed1a14c6605d93ed0b217027531413c449a7b4e3fc994901ec64868c4d33a

    • SHA512

      e3e95030cc04e96285c961eb916eca102f21673d1ae7012b50882992081ad4ae7096749edaefa6f5bcf997f89158efe6847c315c5efc3ce6371167f360353414

    • SSDEEP

      12288:3Qk5pRUaw0gX6VB2PCsnv0oyOsMoFDem6P5CKaEvxcPekwjg:t573w0K6VB+OoyXMoxu5fCPekwk

    Score
    8/10
    persistence

    • Modifies Installed Components in the registry

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks