Overview

overview

8

Static

static

3

290cbe1baa...fb.exe

windows7-x64

8

290cbe1baa...fb.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    290cbe1baa6814f1398bb4a61a8d4bfb

  • Size

    365KB

  • Sample

    231231-fkzwksafa6

  • MD5

    290cbe1baa6814f1398bb4a61a8d4bfb

  • SHA1

    bcc35951cb9276b4548272b77da1f6f1643aaddf

  • SHA256

    e56fd60f80b733cc72ab64d8ded0559d815ad85f0f2cad0541f415c1d5451906

  • SHA512

    837a3a7d38a51c5dca965f769b41b1286ecd10b9edc97fcf50c0042c55f89ad9a02b9ef27eb9117be5dde7dc78188944a811b993c45d25bbc941b965b66b884c

  • SSDEEP

    6144:yEYZeu1qqULirsPYKGQMeqPen4EL/gWyWuYx1mFx/uh6y8ltsZGih5a6/lGMhSr:0euPrsRhMe948gWGSsU6dteGe0Obhk

Score
8/10

Malware Config

Targets

    • Target

      290cbe1baa6814f1398bb4a61a8d4bfb

    • Size

      365KB

    • MD5

      290cbe1baa6814f1398bb4a61a8d4bfb

    • SHA1

      bcc35951cb9276b4548272b77da1f6f1643aaddf

    • SHA256

      e56fd60f80b733cc72ab64d8ded0559d815ad85f0f2cad0541f415c1d5451906

    • SHA512

      837a3a7d38a51c5dca965f769b41b1286ecd10b9edc97fcf50c0042c55f89ad9a02b9ef27eb9117be5dde7dc78188944a811b993c45d25bbc941b965b66b884c

    • SSDEEP

      6144:yEYZeu1qqULirsPYKGQMeqPen4EL/gWyWuYx1mFx/uh6y8ltsZGih5a6/lGMhSr:0euPrsRhMe948gWGSsU6dteGe0Obhk

    Score
    8/10

    • Drops file in Drivers directory

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks