Overview

overview

10

Static

static

10

03157399.exe

windows7-x64

10

03157399.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03157399.exe

  • Size

    80KB

  • Sample

    230621-njm5dsgh44

  • MD5

    b8d23f55d8924b617a57035db1cd3eb0

  • SHA1

    94f84b29f47762afa6f44b39dea910286381f296

  • SHA256

    921db56e4de5605b3759de43727f62be0f4c158a2837cf08ff376c427b85bec8

  • SHA512

    656c74a552e068e20f234a7f66fd49a2c2477b991385c563443856d0b1e7668cb79f839f06f846eed14cfb009dd0fb4b1ad9f96fd1d0313d38cfb6d213e68099

  • SSDEEP

    1536:Q+uA+pnOZyTfpU9tE6lrY4eOmunPXqDMlsKrKN08LpSMm+IEQFTm:RuBA+hME6+SnPQasBN0cSN+IlFTm

Score
10/10
lobshotbackdoorpersistence

Malware Config

Targets

    • Target

      03157399.exe

    • Size

      80KB

    • MD5

      b8d23f55d8924b617a57035db1cd3eb0

    • SHA1

      94f84b29f47762afa6f44b39dea910286381f296

    • SHA256

      921db56e4de5605b3759de43727f62be0f4c158a2837cf08ff376c427b85bec8

    • SHA512

      656c74a552e068e20f234a7f66fd49a2c2477b991385c563443856d0b1e7668cb79f839f06f846eed14cfb009dd0fb4b1ad9f96fd1d0313d38cfb6d213e68099

    • SSDEEP

      1536:Q+uA+pnOZyTfpU9tE6lrY4eOmunPXqDMlsKrKN08LpSMm+IEQFTm:RuBA+hME6+SnPQasBN0cSN+IlFTm

    Score
    10/10
    lobshotbackdoorpersistence

    • Detects Lobshot family

    • Lobshot

      Lobshot is a backdoor module written in c++.

      backdoorlobshot

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks