Overview

overview

8

Static

static

3

hmpalert3 ...ed.exe

windows7-x64

8

hmpalert3 ...ed.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    hmpalert3 pre-patched.exe

  • Size

    5.1MB

  • Sample

    230714-rdq6msed34

  • MD5

    f464b6682a1a1fdf145a63b866ac203c

  • SHA1

    622ab6cf9a0a7087796204151e327f93fd7955ba

  • SHA256

    62d20fdc2a6c018b6a25cbb3882290d1ea6ea207517e0af717a46254e321f16f

  • SHA512

    9d18540b545d4dcdb8bea83f88aa52d205338fd831ea37e90caca07087a768e83241952cf887ed372e53f8dcddce8c53f53e97d369fb5710656db4fb1a4605d7

  • SSDEEP

    98304:BOpFgn78Y6ZdzlDr8gBhvioUxJtJKnjyLJ79AZBeqFYe:BOpNblDkoeYu1JMeO

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      hmpalert3 pre-patched.exe

    • Size

      5.1MB

    • MD5

      f464b6682a1a1fdf145a63b866ac203c

    • SHA1

      622ab6cf9a0a7087796204151e327f93fd7955ba

    • SHA256

      62d20fdc2a6c018b6a25cbb3882290d1ea6ea207517e0af717a46254e321f16f

    • SHA512

      9d18540b545d4dcdb8bea83f88aa52d205338fd831ea37e90caca07087a768e83241952cf887ed372e53f8dcddce8c53f53e97d369fb5710656db4fb1a4605d7

    • SSDEEP

      98304:BOpFgn78Y6ZdzlDr8gBhvioUxJtJKnjyLJ79AZBeqFYe:BOpNblDkoeYu1JMeO

    Score
    8/10
    discoverypersistence

    • Drops file in Drivers directory

    • Sets file execution options in registry

      persistence

    • Loads dropped DLL

    • Registers COM server for autorun

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks