Overview

overview

7

Static

static

3

32acc28318...e8.exe

windows7-x64

7

32acc28318...e8.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    32acc283188b9c7578a49f288c7adbc7b33a96bb25bcd03057bda02c0f003be8.exe

  • Size

    246KB

  • Sample

    240523-bn3pesgd69

  • MD5

    819efcf6f8669243f3ac2ee6dabc9d8f

  • SHA1

    7c14a7a4701066ec8c7e4cceba089dc0b6f3f8be

  • SHA256

    32acc283188b9c7578a49f288c7adbc7b33a96bb25bcd03057bda02c0f003be8

  • SHA512

    c3b8832488e7702d917331709766bd544df0e10a7efc6aeff37b8105c092e43f4b890e9ac02449d3651b180bafacfb79f354e1651cd25abd849588577763d198

  • SSDEEP

    3072:liFi6z/VXzAf3ocDmvQEMpvbAGrXX24tfUQsxQlseOcIWNI5FM9eYh3W/SmizUOb:UxFSbDAGrn24tAQPI5FohhISOOb

Score
7/10
persistence

Malware Config

Targets

    • Target

      32acc283188b9c7578a49f288c7adbc7b33a96bb25bcd03057bda02c0f003be8.exe

    • Size

      246KB

    • MD5

      819efcf6f8669243f3ac2ee6dabc9d8f

    • SHA1

      7c14a7a4701066ec8c7e4cceba089dc0b6f3f8be

    • SHA256

      32acc283188b9c7578a49f288c7adbc7b33a96bb25bcd03057bda02c0f003be8

    • SHA512

      c3b8832488e7702d917331709766bd544df0e10a7efc6aeff37b8105c092e43f4b890e9ac02449d3651b180bafacfb79f354e1651cd25abd849588577763d198

    • SSDEEP

      3072:liFi6z/VXzAf3ocDmvQEMpvbAGrXX24tfUQsxQlseOcIWNI5FM9eYh3W/SmizUOb:UxFSbDAGrn24tAQPI5FohhISOOb

    Score
    7/10
    persistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      792b6f86e296d3904285b2bf67ccd7e0

    • SHA1

      966b16f84697552747e0ddd19a4ba8ab5083af31

    • SHA256

      c7a20bcaa0197aedddc8e4797bbb33fdf70d980f5e83c203d148121c2106d917

    • SHA512

      97edc3410b88ca31abc0af0324258d2b59127047810947d0fb5e7e12957db34d206ffd70a0456add3a26b0546643ff0234124b08423c2c9ffe9bdec6eb210f2c

    • SSDEEP

      192:rFiQJ771Jt17C8F1A5xjGNNvgFOiLb7lrT/L93:X71Jt48F2eNvgFF/L

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      5aa38904acdcc21a2fb8a1d30a72d92f

    • SHA1

      a9ce7d1456698921791db91347dba0489918d70c

    • SHA256

      10675f13abaee592f14382349aa35d82fb52aab4e27eef61d0c83dec1f6b73da

    • SHA512

      f04740da561d7cd0dea5e839c9e1c339d4a3e63944d3566c94c921a3d170a69918a32dff3f3b43f13d55cc25a2dbb4c21104f062c324308ac5104179766402a3

    • SSDEEP

      96:AOBtEB2flLkatAthPZJoi9jpfW/er6cBbcB/NFyVOHd0+uHwEX:AhB2flXAVJtjf6cBbcB/N8Ved0PZ

    Score
    3/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks