Overview

overview

7

Static

static

3

a5e60b48ae...4a.exe

windows7-x64

7

a5e60b48ae...4a.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a5e60b48aedebeef8da124fa14b2834a

  • Size

    224KB

  • Sample

    240226-kfq54ahc64

  • MD5

    a5e60b48aedebeef8da124fa14b2834a

  • SHA1

    6175026c99b9e4d7144d681b8d11c5c3a627dfe2

  • SHA256

    2f672ac93aa71275e367d4433aa22c8146baed9f7826d863400a782ef0196327

  • SHA512

    36aee7dc651a72ee587512e0119fbd9a6c080e1ea34fd1dc2fa315d1e4268c08bc74808efb8a0b7dfb925c2a2e1decf859f8e3e7b2d865e7bb7823718958d00a

  • SSDEEP

    6144:64mpP7kUlB0eIs63TU72BGLLFTIam9CEzhJ8JCYu:64mpP7kUl964qBLDNJQpu

Score
7/10
persistence

Malware Config

Targets

    • Target

      a5e60b48aedebeef8da124fa14b2834a

    • Size

      224KB

    • MD5

      a5e60b48aedebeef8da124fa14b2834a

    • SHA1

      6175026c99b9e4d7144d681b8d11c5c3a627dfe2

    • SHA256

      2f672ac93aa71275e367d4433aa22c8146baed9f7826d863400a782ef0196327

    • SHA512

      36aee7dc651a72ee587512e0119fbd9a6c080e1ea34fd1dc2fa315d1e4268c08bc74808efb8a0b7dfb925c2a2e1decf859f8e3e7b2d865e7bb7823718958d00a

    • SSDEEP

      6144:64mpP7kUlB0eIs63TU72BGLLFTIam9CEzhJ8JCYu:64mpP7kUl964qBLDNJQpu

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks