Overview

overview

9

Static

static

7d9b6189d0...ed.exe

windows7_x64

8

7d9b6189d0...ed.exe

windows10_x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7d9b6189d0c08e7db2a76ba2f06b48ed

  • Size

    11.1MB

  • Sample

    201117-7sjjgpcb2s

  • MD5

    f07df9299a787c554608c0f0ca62f71c

  • SHA1

    de3026deabaa110c8ba796bea99213323cf1a041

  • SHA256

    cc1dc40bedf0589bfe144beeee1b65c6f9ec1522169d4d5b3af2c297918bb469

  • SHA512

    b4acf94f9de4bbd9c5c06ac1c96ca117d3d74427089eadbbd876e932bcd1159ddb066bb6ef2504c8fb539d2fb92b55ef29b3246232a1e29daf08a1ee2ed42024

Score
9/10
discovery

Malware Config

Targets

    • Target

      7d9b6189d0c08e7db2a76ba2f06b48ed

    • Size

      11.1MB

    • MD5

      f07df9299a787c554608c0f0ca62f71c

    • SHA1

      de3026deabaa110c8ba796bea99213323cf1a041

    • SHA256

      cc1dc40bedf0589bfe144beeee1b65c6f9ec1522169d4d5b3af2c297918bb469

    • SHA512

      b4acf94f9de4bbd9c5c06ac1c96ca117d3d74427089eadbbd876e932bcd1159ddb066bb6ef2504c8fb539d2fb92b55ef29b3246232a1e29daf08a1ee2ed42024

    Score
    9/10
    discovery

    • ServiceHost packer

      Detects ServiceHost packer used for .NET malware

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks