Overview

overview

8

Static

static

3

loader.exe

windows10-1703-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    loader.exe

  • Size

    35.6MB

  • Sample

    240511-ltcqasec99

  • MD5

    fe28a988da9b31efc93c6b69640453d6

  • SHA1

    af875bf0ac33a79c62b0670b218b4149cb1077fd

  • SHA256

    d31b9bc33b212c43130c8904d141726762a2a42a873193bd909144d99e850f33

  • SHA512

    92e6b5ed1fdd05194f9329ab71e6928c32f7180caa3b1971ff64a8a905999159d73ca8e366806a10dee17fba0774d0ce81553e9a61f50a244fa7268219ff0e18

  • SSDEEP

    786432:bEmkjTRcmZ4cV+cXkVn4OgSy/wr5Z6XbD+HFdoSRx2InTUFd:bE9acDTSOw1ZicFdZ3lTU

Score
8/10
evasionexecution

Malware Config

Targets

    • Target

      loader.exe

    • Size

      35.6MB

    • MD5

      fe28a988da9b31efc93c6b69640453d6

    • SHA1

      af875bf0ac33a79c62b0670b218b4149cb1077fd

    • SHA256

      d31b9bc33b212c43130c8904d141726762a2a42a873193bd909144d99e850f33

    • SHA512

      92e6b5ed1fdd05194f9329ab71e6928c32f7180caa3b1971ff64a8a905999159d73ca8e366806a10dee17fba0774d0ce81553e9a61f50a244fa7268219ff0e18

    • SSDEEP

      786432:bEmkjTRcmZ4cV+cXkVn4OgSy/wr5Z6XbD+HFdoSRx2InTUFd:bE9acDTSOw1ZicFdZ3lTU

    Score
    8/10
    evasionexecution

    • Stops running service(s)

      evasionexecution

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

System Services

1
T1569

Service Execution

1
T1569.002

Persistence

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Privilege Escalation

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Defense Evasion

Impair Defenses

1
T1562

Credential Access

Discovery

Query Registry

4
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

1
T1489

Resource Development

Reconnaissance

Tasks