Overview

overview

7

Static

static

3

1a6df3c735...a4.exe

windows7-x64

7

1a6df3c735...a4.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1a6df3c735fdc4b767ff4e19c19d10a4

  • Size

    269KB

  • Sample

    231230-q14jtaeac2

  • MD5

    1a6df3c735fdc4b767ff4e19c19d10a4

  • SHA1

    583f01d2222d24d7e681c957c2cd27b21ab334bf

  • SHA256

    c21f799128f8fe7624ec85d14f87bdeacbd2f8a90c5fd71c4a45dec338d36704

  • SHA512

    2c7216381b687532befe6ac3b22dcc7e0a5594d0c1335e933405c80b13dbf20048f3574c215433a3d0262f9073bdfbff8ce694d51a6998fea418d9f4cbd40d82

  • SSDEEP

    6144:EvhSU1TVgzhGP6k//BVaLJl/5dv/s1ItyPwKKt/:AQU1TVM4P60/BVatB5dv/sTPwx

Score
7/10
persistence

Malware Config

Targets

    • Target

      1a6df3c735fdc4b767ff4e19c19d10a4

    • Size

      269KB

    • MD5

      1a6df3c735fdc4b767ff4e19c19d10a4

    • SHA1

      583f01d2222d24d7e681c957c2cd27b21ab334bf

    • SHA256

      c21f799128f8fe7624ec85d14f87bdeacbd2f8a90c5fd71c4a45dec338d36704

    • SHA512

      2c7216381b687532befe6ac3b22dcc7e0a5594d0c1335e933405c80b13dbf20048f3574c215433a3d0262f9073bdfbff8ce694d51a6998fea418d9f4cbd40d82

    • SSDEEP

      6144:EvhSU1TVgzhGP6k//BVaLJl/5dv/s1ItyPwKKt/:AQU1TVM4P60/BVatB5dv/sTPwx

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks