Overview

overview

10

Static

static

1

95e3445e2e...JC.exe

windows7-x64

5

95e3445e2e...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    95e3445e2e4fb0dbe130d06c0abf523ea131d7d79f670581019d49618af3a32eexe_JC.exe

  • Size

    387KB

  • Sample

    231005-v8zytadc7v

  • MD5

    3a271fd34423342f6b757e725b557428

  • SHA1

    f9d646330ea4dd742f276331511f20d5aa7ae0ae

  • SHA256

    95e3445e2e4fb0dbe130d06c0abf523ea131d7d79f670581019d49618af3a32e

  • SHA512

    d58fd1def37f2bc030b130d52e228d20c5a926fc7349f2d5feef5bb0b1d3c196bdeff10dfa794b169ce4db707c26c54e5073a1fc8172708a1cf9d4d3921cf2af

  • SSDEEP

    6144:BGsezk42/83Mkc0HeCIG1Sd01rqQgG6VSGzHzzh+sx3PHLmAJhhOWxa:BGsezTwkc0tviSGzHzzh+sx3PrmAJ1xa

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:     ftp
  • Host:
    ftp.wymascensores.com
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    fa)]B^S8VjxG@

Targets

    • Target

      95e3445e2e4fb0dbe130d06c0abf523ea131d7d79f670581019d49618af3a32eexe_JC.exe

    • Size

      387KB

    • MD5

      3a271fd34423342f6b757e725b557428

    • SHA1

      f9d646330ea4dd742f276331511f20d5aa7ae0ae

    • SHA256

      95e3445e2e4fb0dbe130d06c0abf523ea131d7d79f670581019d49618af3a32e

    • SHA512

      d58fd1def37f2bc030b130d52e228d20c5a926fc7349f2d5feef5bb0b1d3c196bdeff10dfa794b169ce4db707c26c54e5073a1fc8172708a1cf9d4d3921cf2af

    • SSDEEP

      6144:BGsezk42/83Mkc0HeCIG1Sd01rqQgG6VSGzHzzh+sx3PHLmAJhhOWxa:BGsezTwkc0tviSGzHzzh+sx3PrmAJ1xa

    Score
    10/10

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks