Overview

overview

8

Static

static

8

usvsfj.exe

windows7_x64

6

usvsfj.exe

windows10_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    usvsfj.exe

  • Size

    97KB

  • Sample

    210302-2bzgv9n2ha

  • MD5

    1b4d8157a607cada56c653d3279b3b09

  • SHA1

    27b7c9448d57f2fa90b9b0a12ab450fed24fcbef

  • SHA256

    1a924ad3b280185ed80830fcde3a20fd6cbcd2707806bf648a1daa304fe69d72

  • SHA512

    8e167994da718492d1b51e2db1b8e1454c7665762234ef781a05842a93917649b78f33ee6b063686e862e0ad5a13fbfec6365a66ad6147d10df8f196df6f2200

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      usvsfj.exe

    • Size

      97KB

    • MD5

      1b4d8157a607cada56c653d3279b3b09

    • SHA1

      27b7c9448d57f2fa90b9b0a12ab450fed24fcbef

    • SHA256

      1a924ad3b280185ed80830fcde3a20fd6cbcd2707806bf648a1daa304fe69d72

    • SHA512

      8e167994da718492d1b51e2db1b8e1454c7665762234ef781a05842a93917649b78f33ee6b063686e862e0ad5a13fbfec6365a66ad6147d10df8f196df6f2200

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks