General

  • Target

    VirusShare_065531ceadb0a80bd42cc67739895eeb

  • Size

    60KB

  • Sample

    240610-1cc23a1cqa

  • MD5

    065531ceadb0a80bd42cc67739895eeb

  • SHA1

    dde4f5357f048fb4cdd27a8406703e759ce1b8a1

  • SHA256

    1815549893a91785814054c932d7528ec34cab10f6045f7a514519c77feb9884

  • SHA512

    f7b3f541038bae8b5076e7a2a325112b9f59f43468c5bca7f7332e5567c4105a9e80c3a7b2ca98884c19cb7139337b289758ad40c9b554fe90b951d11eba24b7

  • SSDEEP

    768:1RyCTbargdMK64r0lUPJNAggN1qU5uro4p9zHKVaGgwKgp://F6LYJNAguMU54o4bNNwV

Score
10/10

Malware Config

Targets

    • Target

      VirusShare_065531ceadb0a80bd42cc67739895eeb

    Score
    10/10

    • Modifies WinLogon for persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks