General
-
Target
31c41bc2b7f17984c98d14332171b98b
-
Size
120KB
-
Sample
231231-lyjpeaabb3
-
MD5
31c41bc2b7f17984c98d14332171b98b
-
SHA1
3bb37091531085a0c29fda231c5f7914e29d1a93
-
SHA256
16cce51c4e31e9443595d66fbbc2ad93b383e0a77971bd8888257723e8b70e5f
-
SHA512
4125fc33c1f2a4a9a227cc9da8769e0668dc27844a803f436bd973e431dbdd2126cb278ac656b842b90031ab8fa5a62fbc6bbc6c2c4e2f14d20fa5df44db15ff
-
SSDEEP
3072:J1ODw4nRgmcU+0OeIq2QQvvQcSFcVBY7sIo3:JmwVmcUtOI/fFIsY3
Static task
static1
Behavioral task
behavioral1
Sample
31c41bc2b7f17984c98d14332171b98b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
31c41bc2b7f17984c98d14332171b98b.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
31c41bc2b7f17984c98d14332171b98b
Score
10/10
-
Modifies firewall policy service
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process (2)
Windows Service (2)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)