General

  • Target

    Permanent_Guard.exe

  • Size

    543KB

  • Sample

    231012-1m8lqaca71

  • MD5

    22ed4b43593fde89bb930353573bd469

  • SHA1

    fca18e3601cde732483757b8bd61c45735d2ffc8

  • SHA256

    44bf176f77043dd4948a47e50af23a02d9aaf13800091763bdd414982f406e6c

  • SHA512

    97f43592f2dca9b025dc1c1a9c61e82da323eb44745e0695ca47e81a9f2fa5e6237195c19d6ceda34cba0ec06adcea58663be208c3cef9432792ef1404ae336a

  • SSDEEP

    12288:ioL+NyHSU0YAJo62TuSK+Y9Ypqw+IJdSYXVMBgTGKo5Lk:hLkohAJKqSLIYpqwrJBMBgw5Lk

Score
6/10

Targets

    • Target

      Permanent_Guard.exe

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
