General

  • Target

    Live Protection Suite 2019.zip

  • Size

    1010KB

  • Sample

    240704-ze5dnazenb

  • MD5

    7a5994fab80a2ed6adf59a93c7bc2d88

  • SHA1

    fe2ddcefd45c378dfb19817de118fcf151c59b1f

  • SHA256

    6ebad2ea4d537eb1ce11dd19d495fca3e2b8b4e50140d9b241b71f5f1bc71804

  • SHA512

    5ba499f12ed0a5de31350530402327dc323aae7d414ee972bd652265e5226adef71d94c0b52a3bf0ebe8f95081c3c27708758ef15da58163492afdb664e08ad2

  • SSDEEP

    24576:GZTNiabEMrMDc3Hf80xcwCz+cjMhnY7zMCSbkDOBa3aizyvlZ1jJnap:G1Ni8EMIcXdewOXMcMfa3p4z15ap

Score
10/10

Targets

    • Target

    • Size

      1.1MB

    • MD5

      2eb3ce80b26345bd139f7378330b19c1

    • SHA1

      10122bd8dd749e20c132d108d176794f140242b0

    • SHA256

      8abed3ea04d52c42bdd6c9169c59212a7d8c649c12006b8278eda5aa91154cd2

    • SHA512

      e3223cd07d59cd97893304a3632b3a66fd91635848160c33011c103cca2badbfe9b78fe258666b634e455872f3a98889ede5a425d8fae91cae6983da1ea1190a

    • SSDEEP

      24576:pXhZgPlmWcA4Te9+g6+lET/+xRXKRwFSmjTGIWrwg:xInpSe99pCkRXKRMdGIWrN

    Score
    10/10
    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Executes dropped EXE

    • Adds Run key to start application
