General

  • Target

    SilverClient.exe

  • Size

    39KB

  • Sample

    240528-ry8anaac76

  • MD5

    7ffade3507754f31e714b13da3af1eab

  • SHA1

    4aa74757a257e0c71f8c770f537cbc3e0c76ecef

  • SHA256

    edb6be3fd6f4e49b8ce4144996db6ca08ac274d777face553ad84fe6c3d21011

  • SHA512

    076b2eabee2961d689b8b4e216d84e7cf048fc8174d30b617dac8fb72b29f755c8cfbf012acb6e3a4e2995aa5a8149694d0c06a197abec111fc3301eb5c66140

  • SSDEEP

    768:a2P7BLBW9U/hnvREaKv34+VnWuPlqJ01c0RU7jTXz1QB6S8gQ1QriOoQSKTt0bE:ZTBYQEaKvpPlH1c0G/1Qonh1FOo5K5GE

Score
10/10

Targets

    • Target

      SilverClient.exe

    • Modifies Windows Defender Real-time Protection settings

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Legitimate hosting services abused for malware hosting/C2
