General
-
Target
91d38ff34f7873e73bcc3860dcfebb61
-
Size
147KB
-
Sample
240205-m59d3sgcdj
-
MD5
91d38ff34f7873e73bcc3860dcfebb61
-
SHA1
89708ae9a87da9547e5b107ed444d457b2c753eb
-
SHA256
6fd9798ecac7cdfd94e55a36b9be488f9f52db44cd012ebbf2b718c8ffa5ff44
-
SHA512
ef004be03571d0e17afc3c785adb75fe974a59010e271307e9252cf2436a0118ee9c0fff7b24a5512d31e7f54c69ed562414484e90c78cf196cb5ac78fc8fea4
-
SSDEEP
3072:Yid3OHRBIRVcJ3Yeq4lExI7clo8gSyn+9C:7BOIYGe5lkovuC
Static task
static1
Behavioral task
behavioral1
Sample
91d38ff34f7873e73bcc3860dcfebb61.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
91d38ff34f7873e73bcc3860dcfebb61.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
91d38ff34f7873e73bcc3860dcfebb61
-
Score
8/10
-
Modifies Windows Firewall
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1