General
-
Target
1ae0b5886ccc78a82e02472bf72151dd
-
Size
225KB
-
Sample
231230-rcwpqseaer
-
MD5
1ae0b5886ccc78a82e02472bf72151dd
-
SHA1
a6c45a11080e8ce9884f89ecb01b8c0bf000063e
-
SHA256
8dd5a1d733cfcaac9ca4d2d7208febfb8e7ce1874cf549a9d5fd51ef7691dd58
-
SHA512
f68896287b08a1a0457ad903793ff30ef2f6f957c308a12693d5b4334ed0f2247c295449a58fcb6a5b24ee0560e56cff071fda0b863943b4837455cd2cecc622
-
SSDEEP
3072:OJIcH/KbVY1/lHnzCF377sqQu71fCeuGxUiOn0lZMuayoh41aEbZX:OCcHyiNlHzCFLT7RhOn4ZMuahwaqX
Static task
static1
Behavioral task
behavioral1
Sample
1ae0b5886ccc78a82e02472bf72151dd.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1ae0b5886ccc78a82e02472bf72151dd.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
1ae0b5886ccc78a82e02472bf72151dd
-
Score
8/10
-
Modifies Windows Firewall
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process
1
Windows Service
1
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1