Overview

overview

10

Static

static

3

VirusShare...70.exe

windows7-x64

10

VirusShare...70.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    VirusShare_2e5a2049b13ffdae61eff0075d0c0e70

  • Size

    58KB

  • Sample

    240204-ph5tgsbdaj

  • MD5

    2e5a2049b13ffdae61eff0075d0c0e70

  • SHA1

    338633407b82fa1c3e615c195f39dad504b3dc92

  • SHA256

    a08b2205cc3b598a71b7f18aa1b8a2743830c578c08671780d2375a137413556

  • SHA512

    2000b60e443c39f1671934e7da59f9a2936465cd2f6279189c96ad018440bd44744c330e00a6bf7dcca5c9b05282e1986f558d189840af4c4fa320e3ad99e937

  • SSDEEP

    1536:Ce8DxGUq83VxorsFS6kM7P4N8GRWlN5whjd:b8DxGWL2w7c0N5whjd

Score
10/10
persistence

Malware Config

Targets

    • Target

      VirusShare_2e5a2049b13ffdae61eff0075d0c0e70

    • Size

      58KB

    • MD5

      2e5a2049b13ffdae61eff0075d0c0e70

    • SHA1

      338633407b82fa1c3e615c195f39dad504b3dc92

    • SHA256

      a08b2205cc3b598a71b7f18aa1b8a2743830c578c08671780d2375a137413556

    • SHA512

      2000b60e443c39f1671934e7da59f9a2936465cd2f6279189c96ad018440bd44744c330e00a6bf7dcca5c9b05282e1986f558d189840af4c4fa320e3ad99e937

    • SSDEEP

      1536:Ce8DxGUq83VxorsFS6kM7P4N8GRWlN5whjd:b8DxGWL2w7c0N5whjd

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks