Overview

overview

8

Static

static

uncategori...ir.exe

windows7_x64

8

uncategori...ir.exe

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    uncategorized_5.0.0.1.vir

  • Size

    138KB

  • Sample

    200719-jl1w3yslzn

  • MD5

    5463b8e1d5c3947aa83099c143a7bf08

  • SHA1

    7b2ef18142507718801e41ac105b7db1cbdbe5b5

  • SHA256

    f473938086334f7e6877e53b350339f11cfcc87ba10ec04a17bccfdf4d47a301

  • SHA512

    6df5da7a0675de3bce1671b6e57b99e44cd66e41a896ed85dcbc2848dcda77810f4e9be5f25864db6e07d3315ac7cb17b8d317a101b1ba5d87781986df9d34dc

Score
8/10
persistence

Malware Config

Targets

    • Target

      uncategorized_5.0.0.1.vir

    • Size

      138KB

    • MD5

      5463b8e1d5c3947aa83099c143a7bf08

    • SHA1

      7b2ef18142507718801e41ac105b7db1cbdbe5b5

    • SHA256

      f473938086334f7e6877e53b350339f11cfcc87ba10ec04a17bccfdf4d47a301

    • SHA512

      6df5da7a0675de3bce1671b6e57b99e44cd66e41a896ed85dcbc2848dcda77810f4e9be5f25864db6e07d3315ac7cb17b8d317a101b1ba5d87781986df9d34dc

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks