Overview

overview

10

Static

static

3

2118bdeced...1c.exe

windows7-x64

10

2118bdeced...1c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2118bdeced5d13501e17ed9c591a181c

  • Size

    60KB

  • Sample

    231231-aeny8sche8

  • MD5

    2118bdeced5d13501e17ed9c591a181c

  • SHA1

    e9efe97d5c91899baf9b909409af744f5714d7b4

  • SHA256

    380e52e4d9ffde603129df7f732dbf8782a7e1ed33d5b4ff17391d0a97e97afe

  • SHA512

    f0a1ae6d414f921ec50b0c5724fa8dc6ff665cd136e70c736c88c64dc91d3a6d3d47da0bd0b0bde38345991ae9258e277d9cb2bb8491a9f21178066579a36a65

  • SSDEEP

    768:gLNXdCBuKaTCcpFClRHWLD03HM0wzagh:gLNXdCBurbCbvI

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      2118bdeced5d13501e17ed9c591a181c

    • Size

      60KB

    • MD5

      2118bdeced5d13501e17ed9c591a181c

    • SHA1

      e9efe97d5c91899baf9b909409af744f5714d7b4

    • SHA256

      380e52e4d9ffde603129df7f732dbf8782a7e1ed33d5b4ff17391d0a97e97afe

    • SHA512

      f0a1ae6d414f921ec50b0c5724fa8dc6ff665cd136e70c736c88c64dc91d3a6d3d47da0bd0b0bde38345991ae9258e277d9cb2bb8491a9f21178066579a36a65

    • SSDEEP

      768:gLNXdCBuKaTCcpFClRHWLD03HM0wzagh:gLNXdCBurbCbvI

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Uses the VBS compiler for execution

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks