General
Target: ce2dba593ed3afedfa00a8de8887ec8b
Size: 140KB
Sample: 240316-qtrlnsea32
MD5: ce2dba593ed3afedfa00a8de8887ec8b
SHA1: 6b3013cd9d10b9f20b418854f1363294e23ba7a4
SHA256: 78dbb664e2867fcd227510cf53111638990a15fe792ea04641f10aa9fcff1258
SHA512: a24684aecbe0bb05c5f6a0dcca744133cb35277236563d710bbea12860ba0d7a858cb74e31ffae829a9786224f8d8ac4d4d99f2ebb1a0612680c7243f7c69fe9
SSDEEP: 3072:ZBWePozVRNzRMMTTpN28eNuvOkkFPl88bu28f:ZBNQ1PTH2FNDJ2Eu2s
Static task: static1
Behavioral task: behavioral1
Sample: ce2dba593ed3afedfa00a8de8887ec8b.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ce2dba593ed3afedfa00a8de8887ec8b.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: ce2dba593ed3afedfa00a8de8887ec8b
Score: 8/10
Modifies Windows Firewall
Drops startup file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
  Create or Modify System Process: 1
    Windows Service: 1
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1