General

  • Target

    VirusShare_0a1ba8f28aba89950e7a3569a266501d.exe

  • Size

    503KB

  • Sample

    240302-vkz9nsff73

  • MD5

    0a1ba8f28aba89950e7a3569a266501d

  • SHA1

    6a519faedec061a5889311871060b72d23883eaf

  • SHA256

    01607634cf6297927c69eebd35cf1046e8d4af7281fa1ac6fde940b4fe073071

  • SHA512

    f33ba42587acdff1de9204ac3bffc2c5ad99b1dae3eaef2066d353e3f519ff1b62c3b668386d49f4fbae9d34f69b6064a70b740db44361fc4f161431fc83cd52

  • SSDEEP

    12288:wjwu3g3FaTExNhowkBPT6+OQxdE14CbFAeVaLZBXBqhm10iuI:wjh3qATsNmwwb6+ddE14CJAQG3XBQ00i

Score
10/10

Targets

    • Target

      VirusShare_0a1ba8f28aba89950e7a3569a266501d.exe

    • Modifies firewall policy service

    • Uses the VBS compiler for execution

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
