Overview

overview

10

Static

static

3

9e904d303e...dN.exe

windows7-x64

5

9e904d303e...dN.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    9e904d303ed7a7ec9be68242030049d2639799b19a19246d82daf114890f36fdN

  • Size

    163KB

  • Sample

    241003-ja64pa1hjj

  • MD5

    f89a9c91b35673d634cadd68048705b0

  • SHA1

    ba2a5750fef67b9d772d65c4eba5a4072b80abdd

  • SHA256

    9e904d303ed7a7ec9be68242030049d2639799b19a19246d82daf114890f36fd

  • SHA512

    5bfa63b849d547ae024770c8a4693155eed70500a831472d84550b894d93537d436f661604fa83c0412cf7db2243385c174c8bba7d833560b30356baceacaf1d

  • SSDEEP

    3072:F3qHYCVBK1vtbYA6neZf2fLURkaGyhrqTrBecu7:lqHYCyLl6neZufLUGyhrqnBrI

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      9e904d303ed7a7ec9be68242030049d2639799b19a19246d82daf114890f36fdN

    • Size

      163KB

    • MD5

      f89a9c91b35673d634cadd68048705b0

    • SHA1

      ba2a5750fef67b9d772d65c4eba5a4072b80abdd

    • SHA256

      9e904d303ed7a7ec9be68242030049d2639799b19a19246d82daf114890f36fd

    • SHA512

      5bfa63b849d547ae024770c8a4693155eed70500a831472d84550b894d93537d436f661604fa83c0412cf7db2243385c174c8bba7d833560b30356baceacaf1d

    • SSDEEP

      3072:F3qHYCVBK1vtbYA6neZf2fLURkaGyhrqTrBecu7:lqHYCyLl6neZufLUGyhrqnBrI

    Score
    10/10
    discoverypersistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks