General

  • Target

    be2.exe

  • Size

    152KB

  • Sample

    201125-aegndxv5wj

  • MD5

    1d6d926f9287b4e4cb5bfc271a164f51

  • SHA1

    896fcacff6310bbe5335677e99e4c3d370f73d96

  • SHA256

    07a76c1d09a9792c348bb56572692fcc4ea5c96a77a2cddf23c0117d03a0dfad

  • SHA512

    055f08bbcb71664f96111eeebc75f64dafe05ae42a2ec6df7829008962345b29ebf36eddd4697da2c53a2fff936478b967633dd127285fa97aaaa740f6be158d

Score
8/10

Malware Config

Targets

    • Target

      be2.exe

    • Possible privilege escalation attempt

    • Deletes itself

    • Loads dropped DLL

    • Modifies file permissions

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • File Permissions Modification (T1222): 1

Discovery

  • Remote System Discovery (T1018): 1

Tasks