General

  • Target

    order confirmation 6026022001.iso

  • Size

    82KB

  • Sample

    210226-hjfn5x87gx

  • MD5

    f4617915ac35ec5a279e0d5a3b5118df

  • SHA1

    40f690aacfb1036b1ad172251e304f5fa2b38616

  • SHA256

    4b2f0eb00202ec3cbca86b6d15c53ab9d7a861193066c12d8bc47f5a6ab4e192

  • SHA512

    b3aafbbe56f4f0a53f552b44f2113a7c8e3cfd2b8f40a3d5ca380efc5355f00bd32a177599eb610b9807bd5f7aaafe5e942c3d8ae27ee87c8b5ed405fbaa01d5

Malware Config

Targets

    • Target

      order confirmation 6026022001.exe

    • Size

      20KB

    • MD5

      a9ebeb182dacaf7bce486a6057eca4b3

    • SHA1

      a120761190e19ea911ade534cfa5b306d23f1290

    • SHA256

      0466e95386b646ceb150b3e44533c0f20aef85ba49757b9ec1fd1c01a47d31eb

    • SHA512

      6fa85664bc6b43f1fbcd338c94a64355575e6a4c2f5ee699c72c2c1f7ae1b1c5221b8c0c12d6e17e671361d21495e68ab8c5682a09281bf01cee0e6e1338a613

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Modify Existing Service (T1031): 1

  • Registry Run Keys / Startup Folder (T1060): 1

Privilege Escalation

  • Bypass User Account Control (T1088): 1

Defense Evasion

  • Modify Registry (T1112): 7

  • Disabling Security Tools (T1089): 5

  • Bypass User Account Control (T1088): 1

Discovery

  • System Information Discovery (T1082): 2

Tasks