Overview

overview

8

Static

static

ce978a075b...7d.exe

windows7_x64

8

ce978a075b...7d.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ce978a075bac32865a6627f2bb855c329d2e798730b718dc9f309f2b432a8d7d.zip

  • Size

    2.1MB

  • Sample

    201105-nxce4zljyx

  • MD5

    05919f50096472c65513c0d3e961055d

  • SHA1

    2de86405610b0b759aa6f58cdc97b65281bec666

  • SHA256

    c42605ae4e6fccd76450fc73f480f04c9ec2c103122e8211f48daabbf9ac689c

  • SHA512

    71c4139f9dfa21789f1f3796de3524c5a30209914e8eecec676ae3c4148bd60082543b01ec4a0473e7a996c4c7000251fa35f3a82fdfb994d07fb714dcabc4eb

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      ce978a075bac32865a6627f2bb855c329d2e798730b718dc9f309f2b432a8d7d

    • Size

      2.2MB

    • MD5

      aa94f1a2abab96f5bd41a84a37e2784b

    • SHA1

      a8df73a1c902839b456e3d9ada25b53ab95436df

    • SHA256

      ce978a075bac32865a6627f2bb855c329d2e798730b718dc9f309f2b432a8d7d

    • SHA512

      0287f6ed3cc3bb66789b8929ba45bf6e8ed70c31b8096d36bcdb93ab3d3c0a06aa41987d749eb1db55126b234a3ed468074f9e5ed7bac98f87829f8c4eed13d4

    Score
    8/10
    discoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks