Overview

overview

7

task1

 

1

task2

 

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4e375000c0ca3e40bd32ff8330accf1d9933fcbe8a23788b2d8dfeb6c717bf93

  • Size

    1.2MB

  • Sample

    191025-dwgs27s12x

  • MD5

    fda0ee25bf1e76e386b2e08530fb4946

  • SHA1

    97df6336ad2b0687564f66396f52fc51529eb369

  • SHA256

    4e375000c0ca3e40bd32ff8330accf1d9933fcbe8a23788b2d8dfeb6c717bf93

  • SHA512

    72e119091f28bec97f79fce00de299a766940057f427132693a7ce4536abd36c5bad26c48542e83b5cf8bf4da1f36dd5e5c2e37213246ba295d79448e532db3a

Score
7/10

Malware Config

Targets

    • Target

      4e375000c0ca3e40bd32ff8330accf1d9933fcbe8a23788b2d8dfeb6c717bf93

    • Size

      1.2MB

    • MD5

      fda0ee25bf1e76e386b2e08530fb4946

    • SHA1

      97df6336ad2b0687564f66396f52fc51529eb369

    • SHA256

      4e375000c0ca3e40bd32ff8330accf1d9933fcbe8a23788b2d8dfeb6c717bf93

    • SHA512

      72e119091f28bec97f79fce00de299a766940057f427132693a7ce4536abd36c5bad26c48542e83b5cf8bf4da1f36dd5e5c2e37213246ba295d79448e532db3a

    Score
    7/10

    • Windows security modification

      evasiontrojan

    • Checks system information in the registry (likely anti-VM)

    • Modifies service

      persistence
    task1task2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Disabling Security Tools

1
T1089

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks