Overview

overview

7

Static

static

3

153c188cd9...36.exe

windows7-x64

7

153c188cd9...36.exe

windows10-2004-x64

7

$PLUGINSDI...ge.dll

windows7-x64

3

$PLUGINSDI...ge.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    153c188cd936975cbc916b08b0b6d3d32d526e3e126f0843877bf3a44389d536.exe

  • Size

    627KB

  • Sample

    240905-pq8kca1gqb

  • MD5

    342d7b2b1f3bf1be39496effcdd9ffd8

  • SHA1

    c6f94540d29b679e3e57d4e0c8e9b4f356682f43

  • SHA256

    153c188cd936975cbc916b08b0b6d3d32d526e3e126f0843877bf3a44389d536

  • SHA512

    a939ff45f6d4b3c5fa4d0be54cbbc764ccb58b97553334293dc5ae16928def5ebae4816adff294ad0da831fc9b549aba6af4af2bcd2b99225b34a29423efd556

  • SSDEEP

    12288:5rRo7TKXllTf+RbKDhsm1oDlOW5cJphWiJ1kIS+BrA:JC7TKXlFf62DhoDlO+gphZJmIS+hA

Score
7/10
discoveryexecutionpersistence

Malware Config

Targets

    • Target

      153c188cd936975cbc916b08b0b6d3d32d526e3e126f0843877bf3a44389d536.exe

    • Size

      627KB

    • MD5

      342d7b2b1f3bf1be39496effcdd9ffd8

    • SHA1

      c6f94540d29b679e3e57d4e0c8e9b4f356682f43

    • SHA256

      153c188cd936975cbc916b08b0b6d3d32d526e3e126f0843877bf3a44389d536

    • SHA512

      a939ff45f6d4b3c5fa4d0be54cbbc764ccb58b97553334293dc5ae16928def5ebae4816adff294ad0da831fc9b549aba6af4af2bcd2b99225b34a29423efd556

    • SSDEEP

      12288:5rRo7TKXllTf+RbKDhsm1oDlOW5cJphWiJ1kIS+BrA:JC7TKXlFf62DhoDlO+gphZJmIS+hA

    Score
    7/10
    discoveryexecutionpersistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/BgImage.dll

    • Size

      7KB

    • MD5

      a615e590815c8a602bb697ccd2421c38

    • SHA1

      c88e5006622146b3d5acbdc3639bad06066c1c0c

    • SHA256

      446a45a23c01944a0c23f59f4967890f199d7f4bca77793c4e1a54c04bdef44d

    • SHA512

      a45c4c177db16e9f0b122c45cd16b856b4f99a33052c4e248d5d997a4eedb2be690a797a92d042c3de62ee098cb1b2be8cb9dae2d8b11cfcff77fd46d7902f90

    • SSDEEP

      96:8eM0AKTIfv7QCUsthvNL85s4lk38Eb3CDfvEh8uLzqkvnLiEQjJ3KxkP:tuBfjbUA/85q3wEh8uLmWLpmP

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      eb2c74e05b30b29887b3219f4ea3fdab

    • SHA1

      91173d46b34e7bae57acabdbd239111b5bcc4d9e

    • SHA256

      d253ca5aba34b925796777893f114cc741b015af7868022ab1db2341288c55ed

    • SHA512

      1bb035260223ec585170f891c2624b9ae98671f225e74b913b40bb77b66e3b9c2016037bc8e4b0ae16367d82590a60a0a3bd95d05139ea2454f02020d1b54dae

    • SSDEEP

      96:oVDlD3cd51V1zL7xqEscxM2DjDf3GEst+Nt+jvcx488qndYv0PLE:oVp34z/x3sREskpxjdO0PLE

    Score
    3/10
    discovery
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks