General
-
Target
015628cf9786db6a8f63286c0f7e88bc
-
Size
209KB
-
Sample
231229-xv35escac5
-
MD5
015628cf9786db6a8f63286c0f7e88bc
-
SHA1
5712fede2c1be3e430e12f079ec619ed40753d6f
-
SHA256
6b4a2f4537de69d2559bff5e098558817fd9c9e30f897b17d3db08ab5b0fae91
-
SHA512
9188821e87085343f582249a03a28970bfad7ca0deb0c04cbcb710d1910e6047eef9334c500271614df0ccce8b2d69290797a9c7666eb34ad11c9e37fa5dc439
-
SSDEEP
6144:uVTfo7n7Xkp1RIV48q2T02xQr0AlUz3jfmTt:uVTA7n70PRnFSkMz3jOTt
Malware Config
Targets
-
-
Target
015628cf9786db6a8f63286c0f7e88bc
-
Size
209KB
-
MD5
015628cf9786db6a8f63286c0f7e88bc
-
SHA1
5712fede2c1be3e430e12f079ec619ed40753d6f
-
SHA256
6b4a2f4537de69d2559bff5e098558817fd9c9e30f897b17d3db08ab5b0fae91
-
SHA512
9188821e87085343f582249a03a28970bfad7ca0deb0c04cbcb710d1910e6047eef9334c500271614df0ccce8b2d69290797a9c7666eb34ad11c9e37fa5dc439
-
SSDEEP
6144:uVTfo7n7Xkp1RIV48q2T02xQr0AlUz3jfmTt:uVTA7n70PRnFSkMz3jOTt
Score8/10-
Modifies Windows Firewall
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process
1Windows Service
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1