General

  • Target

    Transferencia.exe

  • Size

    263KB

  • Sample

    231115-xfrsvadd86

  • MD5

    eab44b2328f9db484cc042970b19a2be

  • SHA1

    c38c69f8a7597a06a4b12cd06309aa23af0ce496

  • SHA256

    36464f131691f5a812e22d4255377f79a475700185352606586f671b9ab63b66

  • SHA512

    5793c049bbb25131725e33e09f6247fa056c64ef0d2bd5e4d643cb2b809b9767aa95bf9d421db9fe960cbf1e408c410a8c43faabf09fc1cc218c56057173a763

  • SSDEEP

    6144:9T4Dth1R6LFzFktPQnmzpE7HBCKRx69ChHjZ9zh9Amq8:9Ti1btIIpELBCKRx6eHjZ93AmN

Score
7/10

Targets

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
