General

  • Target

    f9e269469a8949bbd63c9bad527a777f145b98b5d171588a646621ca136489c0.exe

  • Size

    759KB

  • Sample

    240523-cpz6csad58

  • MD5

    76523b7a1bd75e4d76d927582d35586d

  • SHA1

    8a94d55306ca5fbfc3600218ecb56fbe8dd2b1c7

  • SHA256

    f9e269469a8949bbd63c9bad527a777f145b98b5d171588a646621ca136489c0

  • SHA512

    71bab5884a789ceb287610d2232a66324cb9310a99a1c71a233fd8bc2eeddefd981752d063f6e06fa02d039aaf6c375a5bbe363c6bddc7a3dc0f9e4b26cf3a61

  • SSDEEP

    12288:WNn1cVGGV2eZS6fEL2C/dqIWWKsjRNUQBbnnW1r8m0SlMkQ26ZV6rZD3I8:WN6VGGAeZ4bdq7psjRaQBrnWB8b/kV8c

Score
7/10

Targets

    • Target

      f9e269469a8949bbd63c9bad527a777f145b98b5d171588a646621ca136489c0.exe

    Score
    7/10
    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      12b140583e3273ee1f65016becea58c4

    • SHA1

      92df24d11797fefd2e1f8d29be9dfd67c56c1ada

    • SHA256

      014f1dfeb842cf7265a3644bc6903c592abe9049bfc7396829172d3d72c4d042

    • SHA512

      49ffdfa1941361430b6acb3555fd3aa05e4120f28cbdf7ceaa2af5937d0b8cccd84471cf63f06f97cf203b4aa20f226bdad082e9421b8e6b62ab6e1e9fc1e68a

    • SSDEEP

      192:gFiQJ77pJp17C8F1A5xjGNxrgFOgb7lrT/nC93:E7pJp48F2exrg5F/C

    Score
    3/10
