Overview

overview

8

Static

static

dds.com.exe

windows7_x64

8

dds.com.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dds.com

  • Size

    672KB

  • Sample

    200402-e6ah6xdpw6

  • MD5

    8b968045d75783a09592c3105f2865da

  • SHA1

    1d5b06567e19f72e77d52a32f5fa3a0e0c3c54b4

  • SHA256

    be045ae0deaae4656cff8810e466f90ab75f575587fe83f4873d812465bac068

  • SHA512

    e7f3686c793d5ba8d93a3d2bd5242ece4f2791e98714ca02a21e040560b8d26b6b4f9307919786351df32afeaa3fb31d9ee9bb0d1c5a6bfbbd4b02226a9f36c2

Score
8/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      dds.com

    • Size

      672KB

    • MD5

      8b968045d75783a09592c3105f2865da

    • SHA1

      1d5b06567e19f72e77d52a32f5fa3a0e0c3c54b4

    • SHA256

      be045ae0deaae4656cff8810e466f90ab75f575587fe83f4873d812465bac068

    • SHA512

      e7f3686c793d5ba8d93a3d2bd5242ece4f2791e98714ca02a21e040560b8d26b6b4f9307919786351df32afeaa3fb31d9ee9bb0d1c5a6bfbbd4b02226a9f36c2

    Score
    8/10
    persistenceevasiontrojandiscovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for installed software on the system

      discovery

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops desktop.ini file(s)

    • Modifies service

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks