Overview

overview

7

Static

static

1

43ba53c5d9...72.exe

windows7-x64

7

43ba53c5d9...72.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    43ba53c5d99ac5d6742e9eb7812e3872

  • Size

    262KB

  • Sample

    240105-p3laksddd4

  • MD5

    43ba53c5d99ac5d6742e9eb7812e3872

  • SHA1

    5ced7bd1d6aea7c988a851b8c6363debd22df2e6

  • SHA256

    72af55199bbf118b2245e6ccc487dad227fd471c8f47773de26031e9f40a4ef7

  • SHA512

    89afa93f5dff37eb1f6dff2e9f6f695bd0aa8259464b6bf252c00c8cb5337da4e58d8a49d9b321a17cbe696b0e6d13c519d42ccc12f259a8cbd3416da4ad5f00

  • SSDEEP

    6144:0R8Gp+df0afmVTRMd1dpn94sLrNXel9Sb98+MAYo:08YkfXf4TRM/94svNuzSb9Zd

Score
7/10
persistence

Malware Config

Targets

    • Target

      43ba53c5d99ac5d6742e9eb7812e3872

    • Size

      262KB

    • MD5

      43ba53c5d99ac5d6742e9eb7812e3872

    • SHA1

      5ced7bd1d6aea7c988a851b8c6363debd22df2e6

    • SHA256

      72af55199bbf118b2245e6ccc487dad227fd471c8f47773de26031e9f40a4ef7

    • SHA512

      89afa93f5dff37eb1f6dff2e9f6f695bd0aa8259464b6bf252c00c8cb5337da4e58d8a49d9b321a17cbe696b0e6d13c519d42ccc12f259a8cbd3416da4ad5f00

    • SSDEEP

      6144:0R8Gp+df0afmVTRMd1dpn94sLrNXel9Sb98+MAYo:08YkfXf4TRM/94svNuzSb9Zd

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks