General

  • Target

    ca69635fb5233cace5734e3dfcd169ed502f82d7f6e99cc2c370b0e0e210f186.exe

  • Size

    1.1MB

  • Sample

    240213-fw3rlsdh8t

  • MD5

    800d9692324a7d9be0d8e0544269a4f0

  • SHA1

    d637efb1a6713bf3580262ab5be1961749845cd5

  • SHA256

    ca69635fb5233cace5734e3dfcd169ed502f82d7f6e99cc2c370b0e0e210f186

  • SHA512

    7675047dc3c6455c4686793927417e313eae21ab7ab47bed87b0d563b01fb50cf0268d7cab20439744ae612f9a1adf7b83bc7a7ad8546b214c857ea36c6b2c0d

  • SSDEEP

    24576:7UjH+ezsCtbDKtJuXrPBrnU/OjuzjWDJ+Ak+QhLfFJxZ:4jHHfKXubBzUAuzi5k9Ljr

Score
7/10

Malware Config

Targets

    • Target

      ca69635fb5233cace5734e3dfcd169ed502f82d7f6e99cc2c370b0e0e210f186.exe

    • Size

      1.1MB

    • MD5

      800d9692324a7d9be0d8e0544269a4f0

    • SHA1

      d637efb1a6713bf3580262ab5be1961749845cd5

    • SHA256

      ca69635fb5233cace5734e3dfcd169ed502f82d7f6e99cc2c370b0e0e210f186

    • SHA512

      7675047dc3c6455c4686793927417e313eae21ab7ab47bed87b0d563b01fb50cf0268d7cab20439744ae612f9a1adf7b83bc7a7ad8546b214c857ea36c6b2c0d

    • SSDEEP

      24576:7UjH+ezsCtbDKtJuXrPBrnU/OjuzjWDJ+Ak+QhLfFJxZ:4jHHfKXubBzUAuzi5k9Ljr

    Score
    7/10

    • Loads dropped DLL

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      fbe295e5a1acfbd0a6271898f885fe6a

    • SHA1

      d6d205922e61635472efb13c2bb92c9ac6cb96da

    • SHA256

      a1390a78533c47e55cc364e97af431117126d04a7faed49390210ea3e89dd0e1

    • SHA512

      2cb596971e504eaf1ce8e3f09719ebfb3f6234cea5ca7b0d33ec7500832ff4b97ec2bbe15a1fbf7e6a5b02c59db824092b9562cd8991f4d027feab6fd3177b06

    • SSDEEP

      192:yPtkiQJr7V9r3Ftr87NfwXQ6whlgi62V7i77blbTc4DI:N7Vxr8IgLgi3sVc4

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks