General

  • Target

    murofet_0.0.0.7.vir

  • Size

    697KB

  • Sample

    200719-qkre8yxpvj

  • MD5

    b1627dcab38582f63015732de52ac6c9

  • SHA1

    9e0e4b9beceb63906df0e73697f38da220e67a6f

  • SHA256

    08a989233f339732da10dcc9ab1931f1ee5da84c7ae482ff7b2abdbc85d44b49

  • SHA512

    ec81c8b1773f037354b79b28bff186831dd2a932d6628c543ac63c8bf70f89752ae301609a9b6581f9fc89e7f4a515270378aec1fa5c3071155d37375591a4aa

Score
8/10

Malware Config

Targets

    • Target

      murofet_0.0.0.7.vir

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Persistence

  • Registry Run Keys / Startup Folder (T1060): 1

Defense Evasion

  • Modify Registry (T1112): 2
