Resubmissions

30/09/2024, 22:25

240930-2b6hnasbnf 10

30/09/2024, 22:06

240930-1z9dsa1epe 8

General

  • Target

    support.Client.exe

  • Size

    81KB

  • Sample

    240930-1z9dsa1epe

  • MD5

    c60e1d2fa379cdf3b54b83f126e0e2d2

  • SHA1

    02ed2a2995895528a8afdabf9f46dd11fb524a3b

  • SHA256

    6cd959428b2068acf99f3209f11e4200a150cac2465fe990048afc4c7290696b

  • SHA512

    988976823478ed6dd26d14cd975abaaab68b6bd7186626d3076c1c73fd47a95fbbfb5d5621f9c4602c98f91e45d209d7fd41ca4c14802a05c0aa39c785f8b687

  • SSDEEP

    1536:5oG6KpY6Qi3yj2wyq4HwiMO10HVLCJRpsWr6cdaxPBJYYX7QxD:DenkyfPAwiMq0RqRfbaxZJYYX

Targets

    • Target

      support.Client.exe

    • Size

      81KB

    • Manipulates Digital Signatures

      Attackers can use techniques such as changing the Authenticode and Cryptography registry keys to make their binary appear valid.

    • Sets service image path in registry

    • Downloads MZ/PE file

    • Drops file in System32 directory
