General
-
Target
a72f659fd970d503ac88a81066e58c25
-
Size
281KB
-
Sample
240226-yem9pseh2t
-
MD5
a72f659fd970d503ac88a81066e58c25
-
SHA1
42b015e9fc6f444afe513245a348568366b02c46
-
SHA256
c61409a910ee60ac110a326e4fee3a8609f50d4e072e760ea66c15a1584de855
-
SHA512
a2500f1d439753e9e53d2bca24ab608915eb75126e31247ae4858e7b62878335cacef8ea4c8c21c38213fdffb5c7b61987391393e90e9e96c0cb55a613fc2d75
-
SSDEEP
6144:Ib9kSqoncIHgp44tKAkG0nyaSDVR2r7flZNgpmPuIft6nv79/Ji:AhqoLb4tKAcRSDVRKjlZNgAue
Static task
static1
Behavioral task
behavioral1
Sample
a72f659fd970d503ac88a81066e58c25.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a72f659fd970d503ac88a81066e58c25.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
a72f659fd970d503ac88a81066e58c25
-
Score
8/10
-
Modifies Windows Firewall
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1