General
-
Target
52e299444efeafc5b6dab83f45a2aaf9
-
Size
148KB
-
Sample
240111-h4sygsbeep
-
MD5
52e299444efeafc5b6dab83f45a2aaf9
-
SHA1
1ea251945e0e8f318942a5e59b91ce9a106f8810
-
SHA256
20a98e86ebeeacb4d79a4f3fe6fead40559b83bf5388123099365739fdd09e3b
-
SHA512
a9a0b85e24e26ac2de55096bc2b24ce9df518bd2581483d0b53058c96840d6d5281facb08dacfffbd7cd44acb8894e4c292f49c3ed04ae77f0eb11debcff1084
-
SSDEEP
3072:5aGovdrh2RoMVmO7IzohgxR9o583dHfukXt/Ypug3Oz4hlsVFq:5aGoGRoM0OszzR9x5uRp7ezm
Malware Config
Targets
-
-
Target
52e299444efeafc5b6dab83f45a2aaf9
-
Size
148KB
-
MD5
52e299444efeafc5b6dab83f45a2aaf9
-
SHA1
1ea251945e0e8f318942a5e59b91ce9a106f8810
-
SHA256
20a98e86ebeeacb4d79a4f3fe6fead40559b83bf5388123099365739fdd09e3b
-
SHA512
a9a0b85e24e26ac2de55096bc2b24ce9df518bd2581483d0b53058c96840d6d5281facb08dacfffbd7cd44acb8894e4c292f49c3ed04ae77f0eb11debcff1084
-
SSDEEP
3072:5aGovdrh2RoMVmO7IzohgxR9o583dHfukXt/Ypug3Oz4hlsVFq:5aGoGRoM0OszzR9x5uRp7ezm
Score8/10-
Modifies Windows Firewall
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process
1Windows Service
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1