General
Target: 5d7aa3474e734913ecb4b820c0c546c92f7684081c519eecd3990e11a19bf2ba
Size: 4MB
Sample: 210712-wkkvyz6vax
MD5: 15e8a6b8e6f7497ff3b858d3bad7f0c3
SHA1: f672aa3a40647f3f1c724e1e6279e09332e5df18
SHA256: 5d7aa3474e734913ecb4b820c0c546c92f7684081c519eecd3990e11a19bf2ba
SHA512: 4857e5eaa32dca2159a25465bcb389568dc5376f79901dacd8bcc103be052e81cba2563721cf34409507b89939e2dc97ce11624e75408d6c01147db2e2635e5d
Static task: static1
Behavioral task: behavioral1
  Sample: 5d7aa3474e734913ecb4b820c0c546c92f7684081c519eecd3990e11a19bf2ba.exe
  Resource: win7v20210410
Behavioral task: behavioral2
  Sample: 5d7aa3474e734913ecb4b820c0c546c92f7684081c519eecd3990e11a19bf2ba.exe
  Resource: win10v20210410
Malware Config
Targets
Target: 5d7aa3474e734913ecb4b820c0c546c92f7684081c519eecd3990e11a19bf2ba
Score: 10/10
family_biopass
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
  Modify Registry (1)
Discovery
  Query Registry (2)
  Remote System Discovery (1)
  System Information Discovery (2)
  Peripheral Device Discovery (1)
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
  Registry Run Keys / Startup Folder (1)
Privilege Escalation