General

  • Target

    uncategorized_3.0.1.0.vir

  • Size

    131KB

  • Sample

    200719-yhyfcmv5ks

  • MD5

    118c5062f58d84356b11c513d3d5cc83

  • SHA1

    892bbab65013e643396c36b9d0c37dd24474f187

  • SHA256

    07b9bd35d94b627cd2124f21985d2af0bde4a763857d476c02ccacee1a7b00e5

  • SHA512

    666c8ba55366a32e30ef6e0c3ce996f78b3c3f5b3e129c11d69d9db40800b37633a70d401525174742bd4f268714a23a5cb37d413f23ec4d077263213a475802

Score
8/10

Malware Config

Targets

    • Target

      uncategorized_3.0.1.0.vir

    • Size

      131KB

    • MD5

      118c5062f58d84356b11c513d3d5cc83

    • SHA1

      892bbab65013e643396c36b9d0c37dd24474f187

    • SHA256

      07b9bd35d94b627cd2124f21985d2af0bde4a763857d476c02ccacee1a7b00e5

    • SHA512

      666c8ba55366a32e30ef6e0c3ce996f78b3c3f5b3e129c11d69d9db40800b37633a70d401525174742bd4f268714a23a5cb37d413f23ec4d077263213a475802

    Score
    8/10
    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Registry Run Keys / Startup Folder (T1060): 1

  • Defense Evasion

    Modify Registry (T1112): 3

    Install Root Certificate (T1130): 1

Tasks