Overview

overview

8

Static

static

140f2e555c...75.exe

windows7_x64

8

140f2e555c...75.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    140f2e555c2620f63a7e84c18923f4f5050e7459267171c1cfde784461607175

  • Size

    33KB

  • Sample

    210513-kqcfndy2js

  • MD5

    3665d8e8310140cacc7434de8361dfee

  • SHA1

    1e5dbae57598a72973d26d54bf2a273988e5dc93

  • SHA256

    140f2e555c2620f63a7e84c18923f4f5050e7459267171c1cfde784461607175

  • SHA512

    dc495f1bff99d20bd6e881e967f97d7c8132896dbe9f05d26363c79444be59793c9af9196787f5cb65580f1c64938b255b3d1166d67f119a0fbc5faedc5dd954

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      140f2e555c2620f63a7e84c18923f4f5050e7459267171c1cfde784461607175

    • Size

      33KB

    • MD5

      3665d8e8310140cacc7434de8361dfee

    • SHA1

      1e5dbae57598a72973d26d54bf2a273988e5dc93

    • SHA256

      140f2e555c2620f63a7e84c18923f4f5050e7459267171c1cfde784461607175

    • SHA512

      dc495f1bff99d20bd6e881e967f97d7c8132896dbe9f05d26363c79444be59793c9af9196787f5cb65580f1c64938b255b3d1166d67f119a0fbc5faedc5dd954

    Score
    8/10
    evasionpersistence

    • Modifies Windows Firewall

      evasion

    • Drops startup file

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks