Overview

overview

7

Static

static

3

3f65a714f4...6d.exe

windows7-x64

7

3f65a714f4...6d.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3f65a714f4db1d2f7d585abc7d60656d

  • Size

    168KB

  • Sample

    240104-ahws9adcfr

  • MD5

    3f65a714f4db1d2f7d585abc7d60656d

  • SHA1

    cb96a4d2eddde21a89e3d8ae98fc82fcbd5a1bdc

  • SHA256

    6b5315d5569d448773a9d4c334f22475bf820132f65c824b733a5a9fefa4f845

  • SHA512

    e64ad49d79fc59d98734766cf731d5c431635e960b023f288e2c3cd5214d13d54d303296eb0cf0f7d8c41da66e963293082ba7c261cd112f0260d19c9d474497

  • SSDEEP

    3072:8B/yfWqIm2ToinfY86s+g0Sfh2WYhdH2eluFkVZH7SLmRYqC:8ofU3tfpj0gRUdH2etB+L

Score
7/10
persistence

Malware Config

Targets

    • Target

      3f65a714f4db1d2f7d585abc7d60656d

    • Size

      168KB

    • MD5

      3f65a714f4db1d2f7d585abc7d60656d

    • SHA1

      cb96a4d2eddde21a89e3d8ae98fc82fcbd5a1bdc

    • SHA256

      6b5315d5569d448773a9d4c334f22475bf820132f65c824b733a5a9fefa4f845

    • SHA512

      e64ad49d79fc59d98734766cf731d5c431635e960b023f288e2c3cd5214d13d54d303296eb0cf0f7d8c41da66e963293082ba7c261cd112f0260d19c9d474497

    • SSDEEP

      3072:8B/yfWqIm2ToinfY86s+g0Sfh2WYhdH2eluFkVZH7SLmRYqC:8ofU3tfpj0gRUdH2etB+L

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks