Overview

overview

7

task1

 

1

task2

 

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    84fa20a8ac5ad1ecec616da3fcc3cb46069629824f817f448d52c2236c43ee62

  • Size

    666KB

  • Sample

    191025-wbed2mkmc6

  • MD5

    35cd00bc917cc74f898b5d79816a1d73

  • SHA1

    58cbe60e76c841c13df23a05d52ac8c1ad1a415b

  • SHA256

    84fa20a8ac5ad1ecec616da3fcc3cb46069629824f817f448d52c2236c43ee62

  • SHA512

    f579fa37e74a658010006e40a207f731653cd1193ebda1930999fa02f8649da13638294e22e242d90934c6fe679070120b43fe4ee3101bfd689ca817a3723638

Score
7/10

Malware Config

Targets

    • Target

      84fa20a8ac5ad1ecec616da3fcc3cb46069629824f817f448d52c2236c43ee62

    • Size

      666KB

    • MD5

      35cd00bc917cc74f898b5d79816a1d73

    • SHA1

      58cbe60e76c841c13df23a05d52ac8c1ad1a415b

    • SHA256

      84fa20a8ac5ad1ecec616da3fcc3cb46069629824f817f448d52c2236c43ee62

    • SHA512

      f579fa37e74a658010006e40a207f731653cd1193ebda1930999fa02f8649da13638294e22e242d90934c6fe679070120b43fe4ee3101bfd689ca817a3723638

    Score
    7/10

    • Windows security modification

      evasiontrojan

    • Checks system information in the registry (likely anti-VM)

    • Modifies service

      persistence
    task1task2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Disabling Security Tools

1
T1089

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks