General

  • Target

    00401c4ae6d90336e0b74daa4a040f24

  • Size

    19KB

  • Sample

    231225-c22jyscfg9

  • MD5

    00401c4ae6d90336e0b74daa4a040f24

  • SHA1

    a64c1c8e69fa7e497224b8cdfe42a1028f320a76

  • SHA256

    12d7be6a36738cc1d917f944a7a605c7a2d0b3717afb3376034521b343b21f9a

  • SHA512

    8f50452afe3fe872877d347b7613f6833ab0b31b107f004ef6fe5a909007e9af9505c55bc1c6ea46f183187b4851ae1903d5a173c69a645957565d0aba3865a4

  • SSDEEP

    384:qmlcZRgl5lbI3vny47444u7d4ygfTlSyZXcpSaTPjbKEmDjhoXDArm7y2:56A5lbIfnyZux0rlSyxgF7j+Jo+m

  • Score

    8/10

Malware Config

Targets

    • Adds policy Run key to start application

    • Deletes itself

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks