Overview

overview

7

Static

static

1

7fb15605dc...14.exe

windows7-x64

7

7fb15605dc...14.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7fb15605dccd06a70ae7644062a69114

  • Size

    262KB

  • Sample

    240129-nafnysgdg6

  • MD5

    7fb15605dccd06a70ae7644062a69114

  • SHA1

    3fa5587c045a0e99f2304828e275776154a30ed1

  • SHA256

    2b93f9095e8695ccecddb46f5c79252d226f665d29e781cb53b0b8d237414a29

  • SHA512

    83dda785e21f940a92ab863839130767e15184c83cd828d1778986092c06934a65ae8f81ea32de8b55c129575b3e4f9a8cbe989462fb69664349ee7c8b4c5654

  • SSDEEP

    6144:wZ8Gp+df0afmVTRMdVdpn94sLrNXel9Qb98+MARI:w8YkfXf4TRMn94svNuzQb9Zw

Score
7/10
persistence

Malware Config

Targets

    • Target

      7fb15605dccd06a70ae7644062a69114

    • Size

      262KB

    • MD5

      7fb15605dccd06a70ae7644062a69114

    • SHA1

      3fa5587c045a0e99f2304828e275776154a30ed1

    • SHA256

      2b93f9095e8695ccecddb46f5c79252d226f665d29e781cb53b0b8d237414a29

    • SHA512

      83dda785e21f940a92ab863839130767e15184c83cd828d1778986092c06934a65ae8f81ea32de8b55c129575b3e4f9a8cbe989462fb69664349ee7c8b4c5654

    • SSDEEP

      6144:wZ8Gp+df0afmVTRMdVdpn94sLrNXel9Qb98+MARI:w8YkfXf4TRMn94svNuzQb9Zw

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks