General

  • Target

    06092024140606092024Documentedeexpediere00082209990.img

  • Size

    1.2MB

  • Sample

    240906-t3n4pawglr

  • MD5

    21dc1f3ef2aa44a6b298ee2874be701c

  • SHA1

    69ccd78e40ee07d38b40532af1e37988bf148439

  • SHA256

    5b7bf7ef1eb3f64d33b3ccaaf1642dcb4639f12af2445d3101fad08eebb5e01c

  • SHA512

    812ce2431a4fe81f9152fc5bb6c8b6d1038fd66ad2e6f77356141efb29c092e3e9a6a609fa50817f047de3ae8a3c1d29b826f5adeca98bf4296d7680da9634ec

  • SSDEEP

    12288:Gv4VRwU+MuUpW+zBj32WBNdlFwP0nRU1:G4V/DuUptj3TfeP0W

Score
8/10

Malware Config

Targets

    • Target

      Documente de expediere 00082209990.bat

    • Size

      693KB

    • MD5

      5677c1ab6df01bb8bde01daa76c5b7c1

    • SHA1

      37f1c3b9c45d031e50ff29d3c0f1247b590460ec

    • SHA256

      3d13042cb531b94c9d7a637d3f7831b9811880b0424c75d03a1a0db40023813c

    • SHA512

      60ce57d0bb3de15a9a518743d43ff921b8ee2c96174a93e4c3ff184fbc20adc29945ad3dbe8b71644419c9bc3b57f7fd64e70cf43a0adc809c0d98fa58903004

    • SSDEEP

      12288:Yv4VRwU+MuUpW+zBj32WBNdlFwP0nRU1d:U4V/DuUptj3TfeP0Wn

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
