1fc3cabbb795381877c9724be6c815e80890eee322dce82be1994a3cd9ec22ca | Triage

Submit
Reports

Overview

overview

Static

static

favorites_...0.html

windows7_x64

1

favorites_...0.html

windows10_x64

Resubmissions

05-11-2020 01:22

201105-g62xn2nnt2 10

05-11-2020 01:17

201105-lj69wwasf6 7

05-11-2020 01:11

201105-ajwh7dz4gn 9

05-11-2020 01:07

201105-wexjpqxels 7

Sharing

General

Target

favorites_10_30_20.html
Size

410B
Sample

201105-g62xn2nnt2
MD5

dadb7dbc14491c4a8455a2f7c55807d7
SHA1

70665fce8130d091c50519e214f5423224eef0e8
SHA256

1fc3cabbb795381877c9724be6c815e80890eee322dce82be1994a3cd9ec22ca
SHA512

b05f0cb29422be6900a3f0129fa11a92268387d3f9ef30cf76dfb083f7a340dee3191ef408acf07b81d113cf8d743ebbaf6e31c036c7d73ac112877e4643e40f

Score

10^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

favorites_10_30_20.html

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

favorites_10_30_20.html

Resource

win10v20201028

discovery persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  favorites_10_30_20.html
- Size
  
  410B
- MD5
  
  dadb7dbc14491c4a8455a2f7c55807d7
- SHA1
  
  70665fce8130d091c50519e214f5423224eef0e8
- SHA256
  
  1fc3cabbb795381877c9724be6c815e80890eee322dce82be1994a3cd9ec22ca
- SHA512
  
  b05f0cb29422be6900a3f0129fa11a92268387d3f9ef30cf76dfb083f7a340dee3191ef408acf07b81d113cf8d743ebbaf6e31c036c7d73ac112877e4643e40f
Score

10^/10

discovery persistence
- Modifies system executable filetype association
  persistence
- Registers COM server for autorun
  persistence
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
- JavaScript code in executable
- Modifies service
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence

© 2018-2024

Terms | Privacy