General
Target
VirusShare_0a1ba8f28aba89950e7a3569a266501d.exe
Size
503KB
Sample
240302-vkz9nsff73
MD5
0a1ba8f28aba89950e7a3569a266501d
SHA1
6a519faedec061a5889311871060b72d23883eaf
SHA256
01607634cf6297927c69eebd35cf1046e8d4af7281fa1ac6fde940b4fe073071
SHA512
f33ba42587acdff1de9204ac3bffc2c5ad99b1dae3eaef2066d353e3f519ff1b62c3b668386d49f4fbae9d34f69b6064a70b740db44361fc4f161431fc83cd52
SSDEEP
12288:wjwu3g3FaTExNhowkBPT6+OQxdE14CbFAeVaLZBXBqhm10iuI:wjh3qATsNmwwb6+ddE14CJAQG3XBQ00i
Static task
static1
Behavioral task
behavioral1
Sample
VirusShare_0a1ba8f28aba89950e7a3569a266501d.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
VirusShare_0a1ba8f28aba89950e7a3569a266501d.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score
10/10
Modifies firewall policy service
Uses the VBS compiler for execution
Adds Run key to start application
Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)