General
-
Target
038422720d1091690bd179072074991d
-
Size
193KB
-
Sample
231229-zjjyhsfcfp
-
MD5
038422720d1091690bd179072074991d
-
SHA1
98037a03b739ec77640e13f940d8b3196b0eb26d
-
SHA256
c8ad07bed9da07557cfbd58ea2178ea77d9d801aae9366af88d345d238e48ae4
-
SHA512
646c209689b6d472580a468cd7cc4b66810ee8dc269c10a076f952dce72f278c320341bdfff2f6f6d1b53261872ef93cc5e663e74199af92c5cbb5ab301f530e
-
SSDEEP
6144:EJrv8b52sfJJF0cmHzmxc1/smtJsWdswoSW:S7sVCc6QcqCzoSW
Malware Config
Targets
-
-
Target
038422720d1091690bd179072074991d
-
Size
193KB
-
MD5
038422720d1091690bd179072074991d
-
SHA1
98037a03b739ec77640e13f940d8b3196b0eb26d
-
SHA256
c8ad07bed9da07557cfbd58ea2178ea77d9d801aae9366af88d345d238e48ae4
-
SHA512
646c209689b6d472580a468cd7cc4b66810ee8dc269c10a076f952dce72f278c320341bdfff2f6f6d1b53261872ef93cc5e663e74199af92c5cbb5ab301f530e
-
SSDEEP
6144:EJrv8b52sfJJF0cmHzmxc1/smtJsWdswoSW:S7sVCc6QcqCzoSW
Score8/10-
Modifies Windows Firewall
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process
1Windows Service
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1