Overview

overview

7

Static

static

3

073ceea879...8e.exe

windows7-x64

7

073ceea879...8e.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    073ceea87902403409a153379d01ca8e

  • Size

    132KB

  • Sample

    231229-3n8dfshbek

  • MD5

    073ceea87902403409a153379d01ca8e

  • SHA1

    001e4201241694e38123dd9a66509e6d143ead0d

  • SHA256

    d809d65d3c625ce88936bd80d6c3e975b2993413a55ca4eee2864d049647f73e

  • SHA512

    e6a33c1df556f24af2420c2e8f96b382108f7d7f44f36dfe71b6f5662ee4e184f9714ce9713d9250f2826d19047914fe24e2462c6d9b201310b4e151f9bc5829

  • SSDEEP

    3072:3s5j4nwcnf0W2pFflX7OTaxj+E09L+8mpCC/WnJarW3Rpc1:cV45nMW2pQaxjuqSJrRA

Score
7/10
persistence

Malware Config

Targets

    • Target

      073ceea87902403409a153379d01ca8e

    • Size

      132KB

    • MD5

      073ceea87902403409a153379d01ca8e

    • SHA1

      001e4201241694e38123dd9a66509e6d143ead0d

    • SHA256

      d809d65d3c625ce88936bd80d6c3e975b2993413a55ca4eee2864d049647f73e

    • SHA512

      e6a33c1df556f24af2420c2e8f96b382108f7d7f44f36dfe71b6f5662ee4e184f9714ce9713d9250f2826d19047914fe24e2462c6d9b201310b4e151f9bc5829

    • SSDEEP

      3072:3s5j4nwcnf0W2pFflX7OTaxj+E09L+8mpCC/WnJarW3Rpc1:cV45nMW2pQaxjuqSJrRA

    Score
    7/10
    persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks