General

  • Target

    gameover_0.0.0.20.vir

  • Size

    256KB

  • Sample

    200719-jwcv6gmens

  • MD5

    7a816c84601a3766a2b2412c74d65a2d

  • SHA1

    31947062310747d6068a52998b50de40dd117288

  • SHA256

    d7c1fc3ccb794a45e2d26267ee537ed174773f7d67114e23585e2b2c565257cb

  • SHA512

    e135255cca25e3f3d91f96e1bd498c378ecbd60a328fe22a556fd7beda37922308def0de1e45a2eb6128815320b009e341aa5dc37c8afe5a4d11dba52616632e

Score
8/10

Malware Config

Targets

    • Target

      gameover_0.0.0.20.vir

    • Size

      256KB

    • MD5

      7a816c84601a3766a2b2412c74d65a2d

    • SHA1

      31947062310747d6068a52998b50de40dd117288

    • SHA256

      d7c1fc3ccb794a45e2d26267ee537ed174773f7d67114e23585e2b2c565257cb

    • SHA512

      e135255cca25e3f3d91f96e1bd498c378ecbd60a328fe22a556fd7beda37922308def0de1e45a2eb6128815320b009e341aa5dc37c8afe5a4d11dba52616632e

    Score
    8/10
    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Persistence

Registry Run Keys / Startup Folder

1
T1060

Defense Evasion

Modify Registry

2
T1112

Tasks