Overview

overview

8

Static

static

d92ff294fd...24.exe

windows7_x64

8

d92ff294fd...24.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d92ff294fd993c16a4bc8581e0a84fe361d714b75b87f812331231a35e7dc124

  • Size

    1.8MB

  • Sample

    201108-c739hatdpj

  • MD5

    14e426e40efb41c9ee647ff8eeb8d3f8

  • SHA1

    be7f2bd1b71af40cfb29320c843ef272701f1b67

  • SHA256

    d92ff294fd993c16a4bc8581e0a84fe361d714b75b87f812331231a35e7dc124

  • SHA512

    9210b53bea9e2ff975aa8ee3ed2eb79234a9fba68dade923950b0b8ed6ed1a2976f6d9e6b5aec39132be823ff980177949311e1ebab9529e7d5d56512b502884

Score
8/10
discovery

Malware Config

Targets

    • Target

      d92ff294fd993c16a4bc8581e0a84fe361d714b75b87f812331231a35e7dc124

    • Size

      1.8MB

    • MD5

      14e426e40efb41c9ee647ff8eeb8d3f8

    • SHA1

      be7f2bd1b71af40cfb29320c843ef272701f1b67

    • SHA256

      d92ff294fd993c16a4bc8581e0a84fe361d714b75b87f812331231a35e7dc124

    • SHA512

      9210b53bea9e2ff975aa8ee3ed2eb79234a9fba68dade923950b0b8ed6ed1a2976f6d9e6b5aec39132be823ff980177949311e1ebab9529e7d5d56512b502884

    Score
    8/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • JavaScript code in executable

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks