General
Target: 7a9b6a40ef47cf7c43bfcebf0348ecd4
Size: 165KB
Sample: 240127-sxa47segg6
MD5: 7a9b6a40ef47cf7c43bfcebf0348ecd4
SHA1: 8539a071bfb1390bbe473a5ac13adaa360f436cd
SHA256: b5678e0d3309d70787a8f0a75b4654115d1b12114bd03d22f6b099e075170f17
SHA512: 824d05a54e390ddfeafd4e50d69320c822202b954d5366667004b880401cc92ad0c701757195a3ed98a83c719a9cf921510d5b770db99d9498b9cd166f0bd8ef
SSDEEP: 3072:ekH4BrXheR3tre/5rBHCyGv1eKlimkslTitAOnNn9sPQd72WYcuTNQpFBpeoutMU:GB7a3treTHiv1Rmsla3sPu2xcSNQpFBY
Behavioral task: behavioral1
Sample: 7a9b6a40ef47cf7c43bfcebf0348ecd4.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 7a9b6a40ef47cf7c43bfcebf0348ecd4.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 7a9b6a40ef47cf7c43bfcebf0348ecd4
Score: 8/10
Modifies Windows Firewall
Deletes itself
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1