Overview

overview

8

Static

static

8

ydfvy74c.exe

windows7_x64

8

ydfvy74c.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ydfvy74c.exe

  • Size

    372KB

  • Sample

    210307-eq168c9d6e

  • MD5

    e9dc058440d321aa17d0600b3ca0ab04

  • SHA1

    539c228b6b332f5aa523e5ce358c16647d8bbe57

  • SHA256

    e8a3e804a96c716a3e9b69195db6ffb0d33e2433af871e4d4e1eab3097237173

  • SHA512

    7e9a18fd03f1ce53e2829683f7aa51bd3ce7794ead29266bcb248e3088342dc369c43f644d31f4671a9a97244bbbfc2add1961b7c760e41b8ddf277bcdb7ebde

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      ydfvy74c.exe

    • Size

      372KB

    • MD5

      e9dc058440d321aa17d0600b3ca0ab04

    • SHA1

      539c228b6b332f5aa523e5ce358c16647d8bbe57

    • SHA256

      e8a3e804a96c716a3e9b69195db6ffb0d33e2433af871e4d4e1eab3097237173

    • SHA512

      7e9a18fd03f1ce53e2829683f7aa51bd3ce7794ead29266bcb248e3088342dc369c43f644d31f4671a9a97244bbbfc2add1961b7c760e41b8ddf277bcdb7ebde

    Score
    8/10
    persistence

    • Sets service image path in registry

      persistence

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Install Root Certificate

1
T1130

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks