8e87d800919cab678d916a2242bb400f53fc9397f6fcc6de053afdc798042f14 | Triage

Sharing

General

Target

2020-01-09-12-13_4sZAhGZh.exe
Size

106KB
Sample

200109-ym7kmkrsda
MD5

5e0f5ea7754291a40e0491c43fabd0b2
SHA1

9993b6ae6ab52720c1d62c10cc4a183ca3537004
SHA256

8e87d800919cab678d916a2242bb400f53fc9397f6fcc6de053afdc798042f14
SHA512

5ded86ad0e1a3bf153e4fe4367f877f8f26e024e9a6dc33192011a658d8b663474af29433f1f5849f2905f898761b94c930c01686186074ceaca9b6b9a1aaa6e

Score

8^/10

evasion spreading trojan

Malware Config

Targets

- Target
  
  2020-01-09-12-13_4sZAhGZh.exe
- Size
  
  106KB
- MD5
  
  5e0f5ea7754291a40e0491c43fabd0b2
- SHA1
  
  9993b6ae6ab52720c1d62c10cc4a183ca3537004
- SHA256
  
  8e87d800919cab678d916a2242bb400f53fc9397f6fcc6de053afdc798042f14
- SHA512
  
  5ded86ad0e1a3bf153e4fe4367f877f8f26e024e9a6dc33192011a658d8b663474af29433f1f5849f2905f898761b94c930c01686186074ceaca9b6b9a1aaa6e
Score

8^/10

spreading trojan evasion
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Drops autorun.inf file
  spreading trojan
task1 task2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Exfiltration

Command and Control

Impact

Tasks

task1

spreadingtrojanevasion

task2

evasionspreadingtrojan