Overview

overview

8

Static

static

PO570943.exe

windows7_x64

8

PO570943.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PO570943.exe

  • Size

    850KB

  • Sample

    200630-kzxjy7g6kj

  • MD5

    15b8b9017505c2a13e8a513e9a92b3e0

  • SHA1

    587304393a857e9f8feef26b5f44ac9d4cac5827

  • SHA256

    1c3d30d7637b1a6fb648b1cf1de6c7a8375337327cd243f87d525c109554db7d

  • SHA512

    7379421656a6640668399d8edb46bb34f6bbe386c50abc6fa07cf6c485dcba928a2a9a679234c6cecde34c7852ebb5698172caba6d0c7eb327872e417c28b84a

Score
8/10
evasionspywaretrojan

Malware Config

Targets

    • Target

      PO570943.exe

    • Size

      850KB

    • MD5

      15b8b9017505c2a13e8a513e9a92b3e0

    • SHA1

      587304393a857e9f8feef26b5f44ac9d4cac5827

    • SHA256

      1c3d30d7637b1a6fb648b1cf1de6c7a8375337327cd243f87d525c109554db7d

    • SHA512

      7379421656a6640668399d8edb46bb34f6bbe386c50abc6fa07cf6c485dcba928a2a9a679234c6cecde34c7852ebb5698172caba6d0c7eb327872e417c28b84a

    Score
    8/10
    evasionspywaretrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system certificate store

      evasionspywaretrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks