Overview

overview

10

Static

static

e64dcccbac...06.exe

windows7_x64

10

e64dcccbac...06.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e64dcccbacf45adc3598680dca741838391bc01ec17319c7a50b2e763bd70c06

  • Size

    136KB

  • Sample

    210513-xgvjgkv7tj

  • MD5

    6cec5677ec71d9ba80398d8279dc6a50

  • SHA1

    2b7904ea6ee3a64170c4b2abf79ed89785ed7f25

  • SHA256

    e64dcccbacf45adc3598680dca741838391bc01ec17319c7a50b2e763bd70c06

  • SHA512

    d610151a85ababa8845e84b4f5494327596ce66390988a8a149cf667df507aac6dba21f4e8a124341477b2906abc25bef4eab13bc83a35e9186ee22886abdcf9

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      e64dcccbacf45adc3598680dca741838391bc01ec17319c7a50b2e763bd70c06

    • Size

      136KB

    • MD5

      6cec5677ec71d9ba80398d8279dc6a50

    • SHA1

      2b7904ea6ee3a64170c4b2abf79ed89785ed7f25

    • SHA256

      e64dcccbacf45adc3598680dca741838391bc01ec17319c7a50b2e763bd70c06

    • SHA512

      d610151a85ababa8845e84b4f5494327596ce66390988a8a149cf667df507aac6dba21f4e8a124341477b2906abc25bef4eab13bc83a35e9186ee22886abdcf9

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Hidden Files and Directories

1
T1158

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks