General

  • Target

    5b219722844718194c11874136d8b7b85ea25cda551d7002850cb930b9fc0b3e.exe

  • Size

    1.6MB

  • Sample

    241121-ysawjawmct

  • MD5

    dce4e27a9b406b7ab027bf9120cbd586

  • SHA1

    ae49c0d0e091519fe7dbb48c7300a823aa8bcf2d

  • SHA256

    5b219722844718194c11874136d8b7b85ea25cda551d7002850cb930b9fc0b3e

  • SHA512

    4686553a9d596658db4feb55f55fb86315aa7eec4de2bb4dfdfd733268c9b03b311b0807e4c807866167c0a34a2dc26b090536bbdf920074c3fe32a1d52aa5aa

  • SSDEEP

    24576:9sRgQPPLVkiouiRjaMkVRu9JS70cJscGh6U8mEGKacNpVAADNi5GeZTOjoR:9sV3LGjpkVIJunw98mTKfVAyNioSTOm

Score
10/10

Targets

    • Target

      5b219722844718194c11874136d8b7b85ea25cda551d7002850cb930b9fc0b3e.exe

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Drops startup file

    • Executes dropped EXE

    • Suspicious use of SetThreadContext
