Overview

overview

10

Static

static

3

681ac6da80...cf.exe

windows7-x64

10

681ac6da80...cf.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    681ac6da809b115402863a99f02122cf

  • Size

    600KB

  • Sample

    240119-t1yv4shgbk

  • MD5

    681ac6da809b115402863a99f02122cf

  • SHA1

    d50d6c617b823a58b042650515d7a1e4c1de61fe

  • SHA256

    4937c5ad9b7c054d4aef98230a228555e71addbfdb93f2826156d3872a7f794a

  • SHA512

    8de24c09922b73df0a0edb89bbe9464f876eb85491b71693cadc6dda5434f369dd439246208f9a4c069e1d7eb4db9f84d9d33e1309df581aeba4e4b0022fa290

  • SSDEEP

    12288:SgskAh0Eqp+p++TAoe2khAOtfTzRioTx1OG:SkAh0Eqp+hASkhAOtfTzRBN1OG

Score
10/10
evasion

Malware Config

Targets

    • Target

      681ac6da809b115402863a99f02122cf

    • Size

      600KB

    • MD5

      681ac6da809b115402863a99f02122cf

    • SHA1

      d50d6c617b823a58b042650515d7a1e4c1de61fe

    • SHA256

      4937c5ad9b7c054d4aef98230a228555e71addbfdb93f2826156d3872a7f794a

    • SHA512

      8de24c09922b73df0a0edb89bbe9464f876eb85491b71693cadc6dda5434f369dd439246208f9a4c069e1d7eb4db9f84d9d33e1309df581aeba4e4b0022fa290

    • SSDEEP

      12288:SgskAh0Eqp+p++TAoe2khAOtfTzRioTx1OG:SkAh0Eqp+hASkhAOtfTzRBN1OG

    Score
    10/10
    evasion

    • Modifies firewall policy service

      evasion

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Privilege Escalation

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks