7763c03f68bacabfea7b7f192b5ae630c85b47fdd87e9c13f3ec29fc461a0f56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

GreedyV9.exe
Size

12.9MB
Sample

240307-vxethahe8w
MD5

6a5f7f3538cc9f46b9065c01d3316669
SHA1

3953fa31397fdd0e92b9ca597e127dfcd5f5d77a
SHA256

7763c03f68bacabfea7b7f192b5ae630c85b47fdd87e9c13f3ec29fc461a0f56
SHA512

e54cc94441f9477d0d14e26c4c85fecee589a1646d1646fe0420e8d5b76a7de643153e48da0604f28900ab8a2cfa2d8bba94297804ad9d8d9de9832b26b7051f
SSDEEP

393216:oFZeMUYmSbz0i2brA41a4lhBzI4vHHUO8Loxe+uL8eIbgZNUIJ6b/:eZeMU7SMHfa4lhBz9/t8LoxeNL8eIbg0

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  GreedyV9.exe
- Size
  
  12.9MB
- MD5
  
  6a5f7f3538cc9f46b9065c01d3316669
- SHA1
  
  3953fa31397fdd0e92b9ca597e127dfcd5f5d77a
- SHA256
  
  7763c03f68bacabfea7b7f192b5ae630c85b47fdd87e9c13f3ec29fc461a0f56
- SHA512
  
  e54cc94441f9477d0d14e26c4c85fecee589a1646d1646fe0420e8d5b76a7de643153e48da0604f28900ab8a2cfa2d8bba94297804ad9d8d9de9832b26b7051f
- SSDEEP
  
  393216:oFZeMUYmSbz0i2brA41a4lhBzI4vHHUO8Loxe+uL8eIbgZNUIJ6b/:eZeMU7SMHfa4lhBz9/t8LoxeNL8eIbg0
Score

8^/10

evasion persistence
- Creates new service(s)
  persistence
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence