d1c4be3772ebe6d26f06e3e38ae667c3236e1f13658e652eed0aa14dac5f45f0 | Triage

Submit
Reports

Overview

overview

8

Static

static

uncategori...ir.exe

windows7_x64

8

uncategori...ir.exe

windows10_x64

1

Sharing

General

Target

uncategorized_3.1.0.8.vir
Size

138KB
Sample

200719-q5vsbynwmj
MD5

32d41459d463da10d92c1e14c487cc0c
SHA1

d6fd3acae67cd9875d339fe649bf237a7e0ae316
SHA256

d1c4be3772ebe6d26f06e3e38ae667c3236e1f13658e652eed0aa14dac5f45f0
SHA512

23f9554aa4d75be4a909fc1c35798cffe2e22503e222815cf846399bf33fba16c4856953ebf28f9f7dfb688a67e1dd498114f4fa409dba5fad4891e5bcaf178e

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

uncategorized_3.1.0.8.vir.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

uncategorized_3.1.0.8.vir.exe

Resource

win10v200430

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  uncategorized_3.1.0.8.vir
- Size
  
  138KB
- MD5
  
  32d41459d463da10d92c1e14c487cc0c
- SHA1
  
  d6fd3acae67cd9875d339fe649bf237a7e0ae316
- SHA256
  
  d1c4be3772ebe6d26f06e3e38ae667c3236e1f13658e652eed0aa14dac5f45f0
- SHA512
  
  23f9554aa4d75be4a909fc1c35798cffe2e22503e222815cf846399bf33fba16c4856953ebf28f9f7dfb688a67e1dd498114f4fa409dba5fad4891e5bcaf178e
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy