General

  • Target

    ecbe5fc91c1f222a1c53519063e12f750bec0bc4eb392776de2ebcec58d77287.exe

  • Size

    396KB

  • Sample

    240603-qphszahc73

  • MD5

    6c40adafc072321f2ca0749ff31adac8

  • SHA1

    994c395789f7c3c064ac9496f1f90bf2d5aa33c4

  • SHA256

    ecbe5fc91c1f222a1c53519063e12f750bec0bc4eb392776de2ebcec58d77287

  • SHA512

    042494f2b69f2b63b3351a4f132edb16fd767b3b90341cea8eb85b0262046e82e9cf819af637f64345a3e7c1111b2858132d003706f70b11a6a0574cae716d26

  • SSDEEP

    6144:XtZbmAu+BaXfIgewe/J9MpRQ5mk1AC3G+FeB7UeVOKsYbwjuEVOULvkyXQWaxZtJ:qbMaXAxx9Mpm5m8TgZDVfsY8iGQ/tfbd

Score
8/10

Targets

    • Target

      ecbe5fc91c1f222a1c53519063e12f750bec0bc4eb392776de2ebcec58d77287.exe

    • Size

      396KB

    Score
    8/10

    • Command and Scripting Interpreter: PowerShell

      Run PowerShell and hide display window.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/Banner.dll

    • Size

      4KB

    • MD5

      bedc62999ac18818bce9844a95fa34f2

    • SHA1

      ff80c71aad6261eb58f2a871c77e4357b9e49d4d

    • SHA256

      c0bc748966ed96502be2269ab7696d0551f158d1f0e91c539eced6eddaa1f168

    • SHA512

      2d0d6397a87e0f5ec1a16e6c849bf1afee4de7eca184c79cf1ac34cff3d0449080c1c14ae163f02f52ea079e285d1ab0e2117a965c008346b02ca8a817a48076

    Score
    1/10

    • Target

      $PLUGINSDIR/BgImage.dll

    • Size

      7KB

    • MD5

      1f56d9c34643cc8033ec8e628df11cfb

    • SHA1

      1231b571a298c16a1f618799fc7d20b72ccb2747

    • SHA256

      c1593d641b89c8cf294ce4efeaea5d0a69b095f04947ecdabbef73d3225d3480

    • SHA512

      a0c80e6f5c4aa6f34b601951033b709944d3522a6faefad11d9d8f1b4398d379d4e5618029c8134204f344e8a71bfff4e19c2d6693f2119ffd05e67dd9148d24

    • SSDEEP

      96:8eU0AKTIfv7QCUsthvNL85s4lk38Eb3CDfvEh8uLzqkfnLiEQjJ3KxkP:tGBfjbUA/85q3wEh8uLm2LpmP

    Score
    1/10
