General
-
Target
c7b8c224a6cabae31557182788f7442a
-
Size
440KB
-
Sample
240314-fc77zsag7v
-
MD5
c7b8c224a6cabae31557182788f7442a
-
SHA1
b87bba5303a93b2f7d41037e864d81c208e955b8
-
SHA256
73eab7c739e178ac84370b78bcc5b969c693637144ae25ba56895a6ce28bc9db
-
SHA512
149db0b4a49f7234d1061b896f305da80abde917923b860bb1dc390952fbf3ee3609ae63150d10e6d0c273bbc48c46ce721aadb1a5be3a1429e49f8a7b9a5f26
-
SSDEEP
12288:tHM3/vAAOhOnYlPyeuKuUmNMt5wDUVDdFo:tHMvvA7OYGUke5HVDY
Malware Config
Targets
-
-
Target
c7b8c224a6cabae31557182788f7442a
-
Size
440KB
-
MD5
c7b8c224a6cabae31557182788f7442a
-
SHA1
b87bba5303a93b2f7d41037e864d81c208e955b8
-
SHA256
73eab7c739e178ac84370b78bcc5b969c693637144ae25ba56895a6ce28bc9db
-
SHA512
149db0b4a49f7234d1061b896f305da80abde917923b860bb1dc390952fbf3ee3609ae63150d10e6d0c273bbc48c46ce721aadb1a5be3a1429e49f8a7b9a5f26
-
SSDEEP
12288:tHM3/vAAOhOnYlPyeuKuUmNMt5wDUVDdFo:tHMvvA7OYGUke5HVDY
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1