Overview

overview

8

Static

static

uncategori...ir.exe

windows7_x64

8

uncategori...ir.exe

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    uncategorized_3.0.0.5.vir

  • Size

    285KB

  • Sample

    200719-xv2jxxdtgs

  • MD5

    ab487e4eb8eddcac9fd6bcec1abdc026

  • SHA1

    250b7c4e03094da5b2bb8cd49ba57065ce188bc7

  • SHA256

    26da38192a595e7c444ed150dfea0671156f3721e8c0ba4608afe405f62c5525

  • SHA512

    397fefa08d47c50f3c6640d14f0df4a693e290d7ce33a18589cf9d1c23831775e4cbbf0e18ff6a6ef7b9631399d801698ee8ed8cfaa5f424c9a8348dfc421de1

Score
8/10
persistence

Malware Config

Targets

    • Target

      uncategorized_3.0.0.5.vir

    • Size

      285KB

    • MD5

      ab487e4eb8eddcac9fd6bcec1abdc026

    • SHA1

      250b7c4e03094da5b2bb8cd49ba57065ce188bc7

    • SHA256

      26da38192a595e7c444ed150dfea0671156f3721e8c0ba4608afe405f62c5525

    • SHA512

      397fefa08d47c50f3c6640d14f0df4a693e290d7ce33a18589cf9d1c23831775e4cbbf0e18ff6a6ef7b9631399d801698ee8ed8cfaa5f424c9a8348dfc421de1

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks