Overview

overview

7

Static

static

3

1f4063a9b2...16.exe

windows7-x64

7

1f4063a9b2...16.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1f4063a9b29a0125ea9cf49e59ed6e2dd0d70c8b155ebab5fc7ef33597b6d416.exe

  • Size

    1.3MB

  • Sample

    240522-bmgessfh2v

  • MD5

    de73849a5a50839be702dc2808227f63

  • SHA1

    e194a423c5ecbd3e6b5724b94afeac36bd73eb3f

  • SHA256

    1f4063a9b29a0125ea9cf49e59ed6e2dd0d70c8b155ebab5fc7ef33597b6d416

  • SHA512

    6771812f5cc5a206ad66dc3fe848f4f2199568d59b78bd42583c241c9bbd3ad34b2a7556df7a9eeae8d78c2ac46ab36d2fc36257a50844ba7fe970ba9125a1db

  • SSDEEP

    24576:O9Q0lIVTRJpFbUWlEPVSq299xFrXJy/U77VaaG8uosbrDqa1VHWTcSdmWDxbLn/O:oQ0lsRTFbUWOPVSqsdAM77YoOrDX1l2s

Score
7/10

Malware Config

Targets

    • Target

      1f4063a9b29a0125ea9cf49e59ed6e2dd0d70c8b155ebab5fc7ef33597b6d416.exe

    • Size

      1.3MB

    • MD5

      de73849a5a50839be702dc2808227f63

    • SHA1

      e194a423c5ecbd3e6b5724b94afeac36bd73eb3f

    • SHA256

      1f4063a9b29a0125ea9cf49e59ed6e2dd0d70c8b155ebab5fc7ef33597b6d416

    • SHA512

      6771812f5cc5a206ad66dc3fe848f4f2199568d59b78bd42583c241c9bbd3ad34b2a7556df7a9eeae8d78c2ac46ab36d2fc36257a50844ba7fe970ba9125a1db

    • SSDEEP

      24576:O9Q0lIVTRJpFbUWlEPVSq299xFrXJy/U77VaaG8uosbrDqa1VHWTcSdmWDxbLn/O:oQ0lsRTFbUWOPVSqsdAM77YoOrDX1l2s

    Score
    7/10

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      b8992e497d57001ddf100f9c397fcef5

    • SHA1

      e26ddf101a2ec5027975d2909306457c6f61cfbd

    • SHA256

      98bcd1dd88642f4dd36a300c76ebb1ddfbbbc5bfc7e3b6d7435dc6d6e030c13b

    • SHA512

      8823b1904dccfaf031068102cb1def7958a057f49ff369f0e061f1b4db2090021aa620bb8442a2a6ac9355bb74ee54371dc2599c20dc723755a46ede81533a3c

    • SSDEEP

      192:PPtkumJX7zB22kGwfy0mtVgkCPOs81un:E702k5qpds8Qn

    Score
    3/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks