Overview

overview

8

Static

static

277371d2f6...7f.exe

windows7_x64

8

277371d2f6...7f.exe

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    277371d2f69231c4beced4f5898f2a6bd57f1fe7488e50decc6e7ea63ad5677f

  • Size

    138KB

  • Sample

    210228-72k3n3tdhn

  • MD5

    6c7e2255031fdbb8efd157c2b4179319

  • SHA1

    f77cf9bb93945feb70c2519debbfbaec476156f3

  • SHA256

    277371d2f69231c4beced4f5898f2a6bd57f1fe7488e50decc6e7ea63ad5677f

  • SHA512

    8a992f53395fa4a0afbe9354a39cfee642b9f8b396b21317d16b21029221a5c379fbe16812ea85b4296064157f2053f2413ee5a1aa76c1fa3392d26fb79bb406

Score
8/10
persistence

Malware Config

Targets

    • Target

      277371d2f69231c4beced4f5898f2a6bd57f1fe7488e50decc6e7ea63ad5677f

    • Size

      138KB

    • MD5

      6c7e2255031fdbb8efd157c2b4179319

    • SHA1

      f77cf9bb93945feb70c2519debbfbaec476156f3

    • SHA256

      277371d2f69231c4beced4f5898f2a6bd57f1fe7488e50decc6e7ea63ad5677f

    • SHA512

      8a992f53395fa4a0afbe9354a39cfee642b9f8b396b21317d16b21029221a5c379fbe16812ea85b4296064157f2053f2413ee5a1aa76c1fa3392d26fb79bb406

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks