General

  • Target: 002958999.exe
  • Size: 5.7MB
  • Sample: 230525-myfs7ahd68
  • MD5: ab052e249130eb7803b317c5bf86e970
  • SHA1: 08b2eeaaa92244ef93f9b9db270a71ce6517f9cb
  • SHA256: 627e2c5c25665c8a5820aac02a85ee11688ea2108ddb80f2935955dbc41c1143
  • SHA512: f0bd7b340f7da19b00d58de08fb378947b29833b5c083f2ee6fdb72df96f8ba440f1bb936fd9294d91adb33614786e31f91e6f13809b813c233199854d301f5f
  • SSDEEP: 98304:EVLqmX2A7uFmlMKhWRPI5f2ZhZ5pwYzpNM+PePGXobxvoHsj7Owo1Xd2t:EtrGsxpIb5nzpNM+mPGHsjywo1k

Score: 10/10

Malware Config

Targets

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Drops file in Drivers directory

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks