General

Target: 7tsp GUI v0.6(2019).exe
Size: 3.9MB
Sample: 240817-zcfmhsyanl
MD5: 0fc4b5592e3b58f1fc87d5ef81de981a
SHA1: f9408f54be6540ccaf7ce0b9dbb80b81afd83ca8
SHA256: 090c9e214599150f6ed241171bb2107e04d13bfa5e74927b094b139eae280b65
SHA512: 648228bc4c599804a573ca7b108727bfd2504c221325d2b3d92d0655663bde863ad9720facc9a54ae7ca99f4d0f65967e7aa445c63b6567a399e081118dcfa13
SSDEEP: 98304:+KeDBgMNTwmVKhf79kBoHKVa8emhb8C3W8T4aBFvP7Y5Iks:+KurwJxncFz3BX7Y5k

Behavioral tasks

behavioral1 - Sample: 7tsp GUI v0.6(2019).exe, Resource: win7-20240729-en
behavioral2 - Sample: 7tsp GUI v0.6(2019).exe, Resource: win10v2004-20240802-en
behavioral3 - Sample: out.exe, Resource: win7-20240729-en
behavioral4 - Sample: out.exe, Resource: win10v2004-20240802-en

Malware Config

Targets

Target: 7tsp GUI v0.6(2019).exe
Signatures:
- Boot or Logon Autostart Execution: Active Setup. Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
- Possible privilege escalation attempt
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Adds Run key to start application
- Enumerates connected drives. Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
- AutoIT Executable. AutoIT scripts compiled to PE executables.
- Drops file in System32 directory

Target: out.upx
Size: 746KB
MD5: 7d798c699c708eed93886cfc5c786629
SHA1: 447c76b6fff55a6a2e05402f629e8b1804ef6100
SHA256: 88328d964eaff86faf1149bbe38a1b749270016bdbbacb8d9ad38de59262dff9
SHA512: b0ca4c16b7e6ab174cd27626e3decf21ceb773ec96b32eeb8e701694202cf9a4b341876a202807fb3d29301c75d7e4fb16305fe33eb3fbf5f917805c65aa552c
SSDEEP: 12288:5Lkcoxg7v3qnC11ErwIhh0F4qwUgUnyTIjL:9fmMv6Ckr7MnyMjL
Score: 1/10

MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution (2)
  - Active Setup (1)
  - Registry Run Keys / Startup Folder (1)
- Event Triggered Execution (1)
  - Accessibility Features (1)

Privilege Escalation
- Boot or Logon Autostart Execution (2)
  - Active Setup (1)
  - Registry Run Keys / Startup Folder (1)
- Event Triggered Execution (1)
  - Accessibility Features (1)