Overview

overview

8

Static

static

16383a81f9...33.exe

windows7_x64

8

16383a81f9...33.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    16383a81f9f7f11beb922556a791dab392383c405d858ad5bcff9c41f9d2a933

  • Size

    261KB

  • Sample

    210513-aypgx72ebe

  • MD5

    918f2db499212c85bc93d7da1521f89c

  • SHA1

    f0f4778b1ec991e5d263f1419fb07d173d19a793

  • SHA256

    16383a81f9f7f11beb922556a791dab392383c405d858ad5bcff9c41f9d2a933

  • SHA512

    76c33d7ba6049338f379241190f6483a2223f6e05f5dbbe413b17173a7567098f92ed352165d582f5d9518267cd33de4164e3dd5f11a39b79d9ebd6adb389520

Score
8/10
persistence

Malware Config

Targets

    • Target

      16383a81f9f7f11beb922556a791dab392383c405d858ad5bcff9c41f9d2a933

    • Size

      261KB

    • MD5

      918f2db499212c85bc93d7da1521f89c

    • SHA1

      f0f4778b1ec991e5d263f1419fb07d173d19a793

    • SHA256

      16383a81f9f7f11beb922556a791dab392383c405d858ad5bcff9c41f9d2a933

    • SHA512

      76c33d7ba6049338f379241190f6483a2223f6e05f5dbbe413b17173a7567098f92ed352165d582f5d9518267cd33de4164e3dd5f11a39b79d9ebd6adb389520

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks