Overview

overview

7

task1

 

1

task2

 

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    66f10676fc5fa22e06c4d4caf940e81f7ac72e55c2836da1922e301c82675ed7

  • Size

    572KB

  • Sample

    191025-vy4gf88pe2

  • MD5

    f5091eedc3d521af003c2301300cf80b

  • SHA1

    5f7473e47b719df1d37814061e3cb5739bea1adb

  • SHA256

    66f10676fc5fa22e06c4d4caf940e81f7ac72e55c2836da1922e301c82675ed7

  • SHA512

    bcb7cf08ac9e673e17d049c1a861c7821ee69275e4bb8964c90493b114503d59a496b08e29a64ea2e7006460f7c2dd30924639ac55c92d38ab1765412250b840

Score
7/10

Malware Config

Targets

    • Target

      66f10676fc5fa22e06c4d4caf940e81f7ac72e55c2836da1922e301c82675ed7

    • Size

      572KB

    • MD5

      f5091eedc3d521af003c2301300cf80b

    • SHA1

      5f7473e47b719df1d37814061e3cb5739bea1adb

    • SHA256

      66f10676fc5fa22e06c4d4caf940e81f7ac72e55c2836da1922e301c82675ed7

    • SHA512

      bcb7cf08ac9e673e17d049c1a861c7821ee69275e4bb8964c90493b114503d59a496b08e29a64ea2e7006460f7c2dd30924639ac55c92d38ab1765412250b840

    Score
    7/10

    • Windows security modification

      evasiontrojan

    • Checks system information in the registry (likely anti-VM)

    • Modifies service

      persistence
    task1task2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Disabling Security Tools

1
T1089

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks