Overview

overview

8

Static

static

onliner_1_...in.exe

windows7_x64

8

onliner_1_...in.exe

windows10_x64

8

Resubmissions

12-02-2021 14:11

210212-551hze35jj 8

12-02-2021 14:06

210212-7zb7p6v2cs 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    onliner_1_b5c87cab2ff99d1e4b4c3ee897b07869fa8f6a63fbd27018f589c105faf91fcd.bin

  • Size

    440KB

  • Sample

    210212-7zb7p6v2cs

  • MD5

    2b6c2617de3d5140cdad2b57fcfc66d1

  • SHA1

    208587b7ea5ee9b3925eb36985ef11b79abd783d

  • SHA256

    b5c87cab2ff99d1e4b4c3ee897b07869fa8f6a63fbd27018f589c105faf91fcd

  • SHA512

    01a97124343832d625107a79df5aa74bea8fa8ba8460fed7565adf5c9395315fab18e8e0307b585bc8f7787d4a99806c10b62accf18ed5c4fa95e194f26db873

Score
8/10
persistence

Malware Config

Targets

    • Target

      onliner_1_b5c87cab2ff99d1e4b4c3ee897b07869fa8f6a63fbd27018f589c105faf91fcd.bin

    • Size

      440KB

    • MD5

      2b6c2617de3d5140cdad2b57fcfc66d1

    • SHA1

      208587b7ea5ee9b3925eb36985ef11b79abd783d

    • SHA256

      b5c87cab2ff99d1e4b4c3ee897b07869fa8f6a63fbd27018f589c105faf91fcd

    • SHA512

      01a97124343832d625107a79df5aa74bea8fa8ba8460fed7565adf5c9395315fab18e8e0307b585bc8f7787d4a99806c10b62accf18ed5c4fa95e194f26db873

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks