General
-
Target
db3275e7fa96a10977e2e602cfe083be
-
Size
225KB
-
Sample
240321-kmr1zaff68
-
MD5
db3275e7fa96a10977e2e602cfe083be
-
SHA1
ebd2d9cee5a22778069f4520f74aa594b960c28f
-
SHA256
082f822a1420c9a7a253e5694437c27cf7ac7d6e92475e4182077d0be226c80e
-
SHA512
8d4b8e7b26f0fc637d4ad889dc43a186bf07c41246694680d5e933b8a9a645ab3238d44c17fa9f23c752adc46e3dcc5ef88b4a2a60f9811e7a404d442b54fca3
-
SSDEEP
3072:OJIcH/KbVY1/lHnb0YuzOn38sA7evl6DkRYIIJZjiBxuuvLaY5QG6MKvaQb:OCcHyiNlH1n38sJ5YvbjiBxujM6MKCQb
Static task
static1
Behavioral task
behavioral1
Sample
db3275e7fa96a10977e2e602cfe083be.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
db3275e7fa96a10977e2e602cfe083be.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
db3275e7fa96a10977e2e602cfe083be
Score
8/10
-
Modifies Windows Firewall
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1