General

  • Target

    client.exe

  • Size

    63.8MB

  • Sample

    240224-n9yc2sbb47

  • MD5

    17d9cb6fbcd94b61db2c18c84d88ace7

  • SHA1

    4ccf19100105be4ab0a33f423d0b2d2ef7d5f326

  • SHA256

    6e96cb43dd368ce0c48f5477e0d53f8c0f5ae78755a8c9ef631c8b5e46bef567

  • SHA512

    f76d21f32e0860b48bc6dfa8bea210497559c1aa9f86e35319c76d7961fa919ba67fdf169c7f98eda36c52be3e46450173b0ef9b3b4974b078e97662725c6219

  • SSDEEP

    1572864:AoIp3hfum/kT3ntutwXvTQZB8CtVVimGRt8USQY1:AoIp9um/ksygamqNRtQQe

Score
7/10

Malware Config

Targets

    • Target

      client.exe

    Score
    7/10
    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger
