bb1f1816fb5064dcd339ef4ce1018b01324d79a850bf0775a43c1fe2c3ea1816 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

bb1f18.exe

windows7_x64

8

bb1f18.exe

windows10_x64

8

Sharing

General

Target

bb1f18.exe
Size

1.1MB
Sample

210227-htdttfqt2x
MD5

449d5f628cd5ce61db9b3aca95476a58
SHA1

f83041dd54959fcfc56c6903f96e4859bc68f43e
SHA256

bb1f1816fb5064dcd339ef4ce1018b01324d79a850bf0775a43c1fe2c3ea1816
SHA512

0b71225387610bf26e9ef6e3ce37ebb5e518b2309b810b6bf08c6d87c305cf75caada1d6249eb1f7c4b82cf3d675413ac7e2f68bf842429b7b511eef552b1d03

Score

8^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

bb1f18.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bb1f18.exe

Resource

win10v20201028

discovery persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  bb1f18.exe
- Size
  
  1.1MB
- MD5
  
  449d5f628cd5ce61db9b3aca95476a58
- SHA1
  
  f83041dd54959fcfc56c6903f96e4859bc68f43e
- SHA256
  
  bb1f1816fb5064dcd339ef4ce1018b01324d79a850bf0775a43c1fe2c3ea1816
- SHA512
  
  0b71225387610bf26e9ef6e3ce37ebb5e518b2309b810b6bf08c6d87c305cf75caada1d6249eb1f7c4b82cf3d675413ac7e2f68bf842429b7b511eef552b1d03
Score

8^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence

© 2018-2024

Terms | Privacy