Overview

overview

8

Static

static

ee8ebaf9b3...7b.rtf

windows7_x64

7

ee8ebaf9b3...7b.rtf

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ee8ebaf9b33326b404b25f0d728db54e33209c382b0d5aaab3f26930801d3f7b

  • Size

    261KB

  • Sample

    220201-dab1nagag8

  • MD5

    4ec96fda4647d8e19ef7d8b978fa5308

  • SHA1

    cc2a91f58924c0611a3123ebd5ce2ea065a2541e

  • SHA256

    ee8ebaf9b33326b404b25f0d728db54e33209c382b0d5aaab3f26930801d3f7b

  • SHA512

    fbaadb4c0d017d029bafa8ba42102631c8ee03b53691ce64638f81ad1a38be8db606610d893b37fec73dba33e6e830622599f0000aa06e87a43bdbcbc5a915a9

Score
8/10
persistence

Malware Config

Targets

    • Target

      ee8ebaf9b33326b404b25f0d728db54e33209c382b0d5aaab3f26930801d3f7b

    • Size

      261KB

    • MD5

      4ec96fda4647d8e19ef7d8b978fa5308

    • SHA1

      cc2a91f58924c0611a3123ebd5ce2ea065a2541e

    • SHA256

      ee8ebaf9b33326b404b25f0d728db54e33209c382b0d5aaab3f26930801d3f7b

    • SHA512

      fbaadb4c0d017d029bafa8ba42102631c8ee03b53691ce64638f81ad1a38be8db606610d893b37fec73dba33e6e830622599f0000aa06e87a43bdbcbc5a915a9

    Score
    8/10
    persistence

    • Sets service image path in registry

      persistence

    • Use of msiexec (install) with remote resource

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Exploitation for Client Execution

1
T1203

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks