General
-
Target
c3fbec35aaacf4be04abee7c6e1bbfb7
-
Size
139KB
-
Sample
240312-wf3dxafc2w
-
MD5
c3fbec35aaacf4be04abee7c6e1bbfb7
-
SHA1
813f9bf98c1564a49ed33449667e4b0e6c7b30b3
-
SHA256
f7285d4101b8f8d63c39bcf62c5b2b34e04070dfd87742b8a0a7dd4f4355fe5d
-
SHA512
dd736a008d6ad100de467f0d8c493e419418dbbebfa26418cd5673a40a7bb37d7ea96ae097363ddb9d35e5276c30e8fde1a6772af498de839f3390c3858c32b3
-
SSDEEP
3072:TVE9+iA1EqQRKjcjVguzKHeambBEMdCeTVj3xZwMVepyq7:BitAVbkVgGIeambtCU9Vrq7
Static task
static1
Behavioral task
behavioral1
Sample
c3fbec35aaacf4be04abee7c6e1bbfb7.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c3fbec35aaacf4be04abee7c6e1bbfb7.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
c3fbec35aaacf4be04abee7c6e1bbfb7
-
Size
139KB
-
MD5
c3fbec35aaacf4be04abee7c6e1bbfb7
-
SHA1
813f9bf98c1564a49ed33449667e4b0e6c7b30b3
-
SHA256
f7285d4101b8f8d63c39bcf62c5b2b34e04070dfd87742b8a0a7dd4f4355fe5d
-
SHA512
dd736a008d6ad100de467f0d8c493e419418dbbebfa26418cd5673a40a7bb37d7ea96ae097363ddb9d35e5276c30e8fde1a6772af498de839f3390c3858c32b3
-
SSDEEP
3072:TVE9+iA1EqQRKjcjVguzKHeambBEMdCeTVj3xZwMVepyq7:BitAVbkVgGIeambtCU9Vrq7
Score8/10-
Modifies Windows Firewall
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process
1Windows Service
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1