Overview

overview

10

Static

static

3

6c93af68d8...42.exe

windows7-x64

10

6c93af68d8...42.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    6c93af68d88185109cdd8c5bdb310542

  • Size

    347KB

  • Sample

    231226-n4swdahbc3

  • MD5

    6c93af68d88185109cdd8c5bdb310542

  • SHA1

    0165c396f06c31c9e7ca892c9528d1df567271ab

  • SHA256

    9898795c01aa24bccb59f559fe54d289c2b1eb4cf7278c7d0bda05c4084d5e59

  • SHA512

    b01f99465fc49218c4da7fa2b64e3f798d00f2c5a78740c0ef362284efc91a83d54432ce536996c4d29f25a802828ef563d25e62ffb7e7b04753f01947d7643d

  • SSDEEP

    6144:hQp8ix91HA11SHeF4qjjo+5fUs+0KrQgEbJHSYBpE82v+JC+8F:cr1HAQ+F4qPbfL+0qpEbAKc+Jz8F

Score
10/10
persistence

Malware Config

Targets

    • Target

      6c93af68d88185109cdd8c5bdb310542

    • Size

      347KB

    • MD5

      6c93af68d88185109cdd8c5bdb310542

    • SHA1

      0165c396f06c31c9e7ca892c9528d1df567271ab

    • SHA256

      9898795c01aa24bccb59f559fe54d289c2b1eb4cf7278c7d0bda05c4084d5e59

    • SHA512

      b01f99465fc49218c4da7fa2b64e3f798d00f2c5a78740c0ef362284efc91a83d54432ce536996c4d29f25a802828ef563d25e62ffb7e7b04753f01947d7643d

    • SSDEEP

      6144:hQp8ix91HA11SHeF4qjjo+5fUs+0KrQgEbJHSYBpE82v+JC+8F:cr1HAQ+F4qPbfL+0qpEbAKc+Jz8F

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks