Overview

overview

8

Static

static

76de62baf7...f4.exe

windows7_x64

8

76de62baf7...f4.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    76de62baf7bc94dc19ef021fcd4f6a33957f34316f0f43cde93506c0fb35abf4

  • Size

    440KB

  • Sample

    201108-ee6pr2vtpx

  • MD5

    e1d48efba8de434584e87547558a436c

  • SHA1

    90f651fc2bc58dc28477a19c41845e34fe3959a4

  • SHA256

    76de62baf7bc94dc19ef021fcd4f6a33957f34316f0f43cde93506c0fb35abf4

  • SHA512

    9df17621ba36a787bb6ae05083cd8688cc7f3a22db99f779e373371a863477cebaf808e6ec77958d18f45b836786676d9e808b122ec5a7edcd85b62cdb9b364d

Score
8/10
discovery

Malware Config

Targets

    • Target

      76de62baf7bc94dc19ef021fcd4f6a33957f34316f0f43cde93506c0fb35abf4

    • Size

      440KB

    • MD5

      e1d48efba8de434584e87547558a436c

    • SHA1

      90f651fc2bc58dc28477a19c41845e34fe3959a4

    • SHA256

      76de62baf7bc94dc19ef021fcd4f6a33957f34316f0f43cde93506c0fb35abf4

    • SHA512

      9df17621ba36a787bb6ae05083cd8688cc7f3a22db99f779e373371a863477cebaf808e6ec77958d18f45b836786676d9e808b122ec5a7edcd85b62cdb9b364d

    Score
    8/10
    discovery

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • JavaScript code in executable

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks