General

  • Target

    sample.exe

  • Size

    405KB

  • Sample

    240820-s77k6athmq

  • MD5

    82445b614a19b6dd8b0cc300df368fb5

  • SHA1

    00bbc0ce4c476a3808fa94257c8b19d72b686c61

  • SHA256

    419f5936bb164413541c97966c9074e7f20e49949f005f94c7800784245c6ffd

  • SHA512

    05c5d04e1c2d0cd32ee0a3c284466d23156e2fdb64de1d54b15e73d53e2ec2012340c7f56b7e2e24bae01c01fcbeee7698b62e5807f7f6c50191be99f8d53279

  • SSDEEP

    6144:NtXZXfpALF2QGmlcc+Ag3IDFe2hySyChuHwEsLPXmvpW+Qm0N85WOX/i1UBml:NtjALF2QGm6cWEDhy1WyQL/qpWU56Ucl

Score
7/10

Malware Config

Targets

    • Target

      sample.exe

    • Size

      405KB

    • MD5

      82445b614a19b6dd8b0cc300df368fb5

    • SHA1

      00bbc0ce4c476a3808fa94257c8b19d72b686c61

    • SHA256

      419f5936bb164413541c97966c9074e7f20e49949f005f94c7800784245c6ffd

    • SHA512

      05c5d04e1c2d0cd32ee0a3c284466d23156e2fdb64de1d54b15e73d53e2ec2012340c7f56b7e2e24bae01c01fcbeee7698b62e5807f7f6c50191be99f8d53279

    • SSDEEP

      6144:NtXZXfpALF2QGmlcc+Ag3IDFe2hySyChuHwEsLPXmvpW+Qm0N85WOX/i1UBml:NtjALF2QGm6cWEDhy1WyQL/qpWU56Ucl

    Score
    7/10
    • Loads dropped DLL

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      7399323923e3946fe9140132ac388132

    • SHA1

      728257d06c452449b1241769b459f091aabcffc5

    • SHA256

      5a1c20a3e2e2eb182976977669f2c5d9f3104477e98f74d69d2434e79b92fdc3

    • SHA512

      d6f28ba761351f374ae007c780be27758aea7b9f998e2a88a542eede459d18700adffe71abcb52b8a8c00695efb7ccc280175b5eeb57ca9a645542edfabb64f1

    • SSDEEP

      192:eF2HS5ih/7i00dWz9T7PH6lOFcQMI5+Vw+bPFomi7dJWsP:rSUmlw9T7DmnI5+N273FP

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks