Overview

overview

8

Static

static

8

32.bin.exe

windows7_x64

8

32.bin.exe

windows10_x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    32.bin.zip

  • Size

    337KB

  • Sample

    201105-fet9d6r756

  • MD5

    ec1a9222741387fc191e71c9b67d82e4

  • SHA1

    20e84ec53ce2d0fef520c62273dbcd01e31b8d79

  • SHA256

    9ec3d9b4df195507349c01f82dfca97d5ac932f07f4c49d6bc74bf69d8f52941

  • SHA512

    4e46382be9078a4201feb25017ff5b7d7d8f70d3e73d6289f8ca711f45c0c4bf33685b9420f26f2522e53972aecc9a86b2675e2164cbab0979e7cdebd2999521

Score
8/10
discoveryevasionpersistenceupx

Malware Config

Targets

    • Target

      32.bin

    • Size

      343KB

    • MD5

      5eff0e7d20965aec2fe5694f38779d16

    • SHA1

      28f9491eaad550b515ff291d20a0bfd65c36c3c6

    • SHA256

      127705c86952e94a2fbd331121c7250c205d1803c4a3bd4f33b32188055690b7

    • SHA512

      4c41124a02b95bef0344df6adcf2a376a39667aa3d98ab7c6239e64704e9227bfe3c60f3f6a0ab5f5bcbd56227890ba2e9aac3d10f42bc018dcd91e54777265b

    Score
    8/10
    discoveryevasionpersistence

    • Disables Task Manager via registry modification

      evasion

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Registry Run Keys / Startup Folder

1
T1060

Scheduled Task

1
T1053

Hidden Files and Directories

1
T1158

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks