Overview

overview

7

Static

static

3

setup_chri...60.exe

windows7-x64

7

setup_chri...60.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    de47c9897ed16ced574ad92ad0f9c10d_JaffaCakes118

  • Size

    5.6MB

  • Sample

    240913-n85qqs1bma

  • MD5

    de47c9897ed16ced574ad92ad0f9c10d

  • SHA1

    ace78ea35377e28e4cdeeea709da22610736dae4

  • SHA256

    1cb136958cdf2400414303001f4ef8d164556596ec9c6cc9ebe06ee5d4438b75

  • SHA512

    f9f430d36e5b9e5095dee2783997e67e2dc00205c43a9b926c0069afc42d1fd99c6459ba6d84d698be2ff4145aa13096c572b8d8305c6c5d4244599cc3ad70b8

  • SSDEEP

    98304:QIGY2RZzUwtBU5ypaAuBTPd6/rXDf0wK3REKflxXxeChzWL5QadiYD2fdX:VOjzUIWSaAuB0/rX2BzflxXxtWO3X

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      setup_christv_online_premium_5_60.exe

    • Size

      5.6MB

    • MD5

      199b3fcf3e54d8bb33881b532b64c69a

    • SHA1

      f7297aadf0b996bfdd62a8ef4f9f39ebc04dac12

    • SHA256

      0202dd73b2bec6d9e788431271f8db1bdf8cfff645422dc4d82047d955bcc19c

    • SHA512

      f16a97876112956c3321858797feb0cf0dc4eb1f01b3926e018d7117dc13552634cf087a0ca80c37ae0c69135f4bdb5180195a994f8a7235a6c7960419b8af27

    • SSDEEP

      98304:77p22Th38RZLh3hIoyPvqlHzLkIh1BzSHVisYbzwNeiEy2Ql/uXCo4U8o0+sFYbg:Xp22N+l33yYHzdUVisYbUN3GCFU82sFm

    Score
    7/10
    discoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks