winrar-x64-591.exe

General

Target: winrar-x64-591.exe
Size: 3MB
Sample: 201124-tw7v7kcpdj
Score: 10/10
MD5: 779b1a96f1da4a1af90eecf940dd6d07
SHA1: 3f077891cddd60f7770067f044ddf56ea73d699d
SHA256: 58bb4399d28df01f90e1d0c5b2cf734dc53557d543354de3ce14fa6f6931c58a
SHA512: ae37b7b3647e63ccafb98b87d14d7cd02855c06bd6b7cdbcd00db85b65d40bd8a5e95bafb859d1fbd01fe832b3ba1b910ed68bcaaf56a96d47d317292bdc2488

Signatures

  • Modifies system executable filetype association

    TTPs: Modify Registry, Change Default File Association

  • Registers COM server for autorun

    TTPs: Registry Run Keys / Startup Folder

  • Executes dropped EXE

  • Loads dropped DLL

  • Checks installed software on the system

    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs: Query Registry

  • JavaScript code in executable

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation

Tasks

static1: 6/10
behavioral1: 10/10
behavioral2: 10/10