Overview

overview

10

Static

static

order conf...01.exe

windows7_x64

10

order conf...01.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    order confirmation 6026022001.exe

  • Size

    20KB

  • Sample

    210226-ghlmx8yj36

  • MD5

    a9ebeb182dacaf7bce486a6057eca4b3

  • SHA1

    a120761190e19ea911ade534cfa5b306d23f1290

  • SHA256

    0466e95386b646ceb150b3e44533c0f20aef85ba49757b9ec1fd1c01a47d31eb

  • SHA512

    6fa85664bc6b43f1fbcd338c94a64355575e6a4c2f5ee699c72c2c1f7ae1b1c5221b8c0c12d6e17e671361d21495e68ab8c5682a09281bf01cee0e6e1338a613

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      order confirmation 6026022001.exe

    • Size

      20KB

    • MD5

      a9ebeb182dacaf7bce486a6057eca4b3

    • SHA1

      a120761190e19ea911ade534cfa5b306d23f1290

    • SHA256

      0466e95386b646ceb150b3e44533c0f20aef85ba49757b9ec1fd1c01a47d31eb

    • SHA512

      6fa85664bc6b43f1fbcd338c94a64355575e6a4c2f5ee699c72c2c1f7ae1b1c5221b8c0c12d6e17e671361d21495e68ab8c5682a09281bf01cee0e6e1338a613

    Score
    10/10
    evasionpersistencetrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Bypass User Account Control

1
T1088

Defense Evasion

Modify Registry

7
T1112

Disabling Security Tools

5
T1089

Bypass User Account Control

1
T1088

Credential Access

Discovery

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks