Overview

overview

8

Static

static

643aaf3a5e...71.exe

windows7_x64

8

643aaf3a5e...71.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    643aaf3a5ea4cf8cf028f48f5e9ebe8cbcca3b4d359d08f5510f89951c9d9771

  • Size

    2.9MB

  • Sample

    201108-na6vhf7y42

  • MD5

    821c45d73884b3910f1558fe881db5dd

  • SHA1

    6b44bc8f8c539f4fbb11500ddbdcc99cd9ebe7bf

  • SHA256

    643aaf3a5ea4cf8cf028f48f5e9ebe8cbcca3b4d359d08f5510f89951c9d9771

  • SHA512

    cc8e3a03c97e88d1611c9641686382ce5506dfd60adf77037eac84654337dc28c8c4365fd922a951055c2ac5d50b94e3b87f85c467ccc907af34961341698666

Score
8/10
discovery

Malware Config

Targets

    • Target

      643aaf3a5ea4cf8cf028f48f5e9ebe8cbcca3b4d359d08f5510f89951c9d9771

    • Size

      2.9MB

    • MD5

      821c45d73884b3910f1558fe881db5dd

    • SHA1

      6b44bc8f8c539f4fbb11500ddbdcc99cd9ebe7bf

    • SHA256

      643aaf3a5ea4cf8cf028f48f5e9ebe8cbcca3b4d359d08f5510f89951c9d9771

    • SHA512

      cc8e3a03c97e88d1611c9641686382ce5506dfd60adf77037eac84654337dc28c8c4365fd922a951055c2ac5d50b94e3b87f85c467ccc907af34961341698666

    Score
    8/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • JavaScript code in executable

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Security Software Discovery

1
T1063

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks