Overview

overview

10

Static

static

winrar-x64-420.exe

windows7_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    winrar-x64-420.exe

  • Size

    1.6MB

  • Sample

    211020-rshstaaafn

  • MD5

    fb988877749721fbe134c2580c412f53

  • SHA1

    7398c58b50ec82b8f133deecc1b6f53459951e96

  • SHA256

    e1039b5051eef12c37200ab0d3e93d407a5027aad6b59ba705526f670f0634b1

  • SHA512

    906ddbd30ce8503df8b71d5446bfc7a7aae0076313f58dd94523e63acd525b9a323d42f937b772f75fa274740d96c8d21030e6de68610c93d56d37935f40022e

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      winrar-x64-420.exe

    • Size

      1.6MB

    • MD5

      fb988877749721fbe134c2580c412f53

    • SHA1

      7398c58b50ec82b8f133deecc1b6f53459951e96

    • SHA256

      e1039b5051eef12c37200ab0d3e93d407a5027aad6b59ba705526f670f0634b1

    • SHA512

      906ddbd30ce8503df8b71d5446bfc7a7aae0076313f58dd94523e63acd525b9a323d42f937b772f75fa274740d96c8d21030e6de68610c93d56d37935f40022e

    Score
    10/10
    discoverypersistence

    • Modifies system executable filetype association

      persistence

    • Registers COM server for autorun

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks