Overview

overview

10

Static

static

10

1d97f5ac5b...0a.exe

windows7-x64

6

1d97f5ac5b...0a.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1d97f5ac5bc003e27f4a22637a0f8b7d1253ee42024d9a5277b5d4bc4fbc3f0a.exe

  • Size

    8.9MB

  • Sample

    241120-b4anksyblq

  • MD5

    53f78bd04a55106ae2a7a919bf0bd979

  • SHA1

    125db7323aed749a68addc8c8967f5369a5b0973

  • SHA256

    1d97f5ac5bc003e27f4a22637a0f8b7d1253ee42024d9a5277b5d4bc4fbc3f0a

  • SHA512

    ad9c23fbb00aa79f5ec7ddbc8b4367e72eeb6937ef6662dfec794b221dfff2db6c23334e71b579395f23fcb763fe7da0582571ee7fe0aff0f3a09f11b940387e

  • SSDEEP

    49152:K1XP6rPbNechC0bNechC0bNecIC0bNechC0bNechC0bNecj:K1+8e8e8f8e8e8e

Score
10/10
warzoneratdiscoverypersistencerat

Malware Config

Targets

    • Target

      1d97f5ac5bc003e27f4a22637a0f8b7d1253ee42024d9a5277b5d4bc4fbc3f0a.exe

    • Size

      8.9MB

    • MD5

      53f78bd04a55106ae2a7a919bf0bd979

    • SHA1

      125db7323aed749a68addc8c8967f5369a5b0973

    • SHA256

      1d97f5ac5bc003e27f4a22637a0f8b7d1253ee42024d9a5277b5d4bc4fbc3f0a

    • SHA512

      ad9c23fbb00aa79f5ec7ddbc8b4367e72eeb6937ef6662dfec794b221dfff2db6c23334e71b579395f23fcb763fe7da0582571ee7fe0aff0f3a09f11b940387e

    • SSDEEP

      49152:K1XP6rPbNechC0bNechC0bNecIC0bNechC0bNechC0bNecj:K1+8e8e8f8e8e8e

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks