General

  • Target

    09fb5016edffd40b1ec16251b8e24793.exe

  • Size

    393KB

  • Sample

    240428-k7bvgscf41

  • MD5

    09fb5016edffd40b1ec16251b8e24793

  • SHA1

    482453c387f29a1e137284993b480c9d41251635

  • SHA256

    0aa8854411a4425eb86658545788feb9f69529b80c29964b8c6d0ee5314ae860

  • SHA512

    37f163a26c856cd203e1a6ff7742ef1f9c9543b2f9c59b6734a06f2aa64b5c63d1f48087a60fac2a490708b13ca3cc39d0ceab3a070956ffa452eac92df85c3e

  • SSDEEP

    6144:j0xJt5VEpswfE/km+ZTKb4Aws5tevTfI18WUCnScdyhPd0SZo3r2VHPXDwg:j0Z4pV+kmF4Ug0SUwIqFXsg

Score
8/10

Targets

    • Target

      09fb5016edffd40b1ec16251b8e24793.exe

    Score
    5/10
    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      Microbars/Arkaiserede/liebhaverierne.Osc

    • Size

      58KB

    • MD5

      ca51e3150cbaa4e20b01290992568e3c

    • SHA1

      bf51d2fd48af7704281eed33bbdc500fead8052c

    • SHA256

      6515d4ba44949007af0fbf96996dc256facc4882040bf3460ad5b54be7c2e3e9

    • SHA512

      8547b1848ef1789053eeac2a8e619c0a503154da9635fb552f8d353cee20607316bd18d2ea4d59f38db9ccc653bcb1fdce573cedce2be0e3366f37cfb79d78c1

    • SSDEEP

      1536:BCzccBkernvW3W20v5NELshT9v8wLhWW77AjEIpy3:B0hBkkneR0vht377AjEIpy

    Score
    8/10
    • Modifies Installed Components in the registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
