Overview

overview

10

Static

static

20200520.exe

windows7_x64

8

20200520.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2650515c496982b17d51cf0bc632e5148bcdaadbbbdff6e9cd916e210256a3d6

  • Size

    632KB

  • Sample

    220521-a8hpbabea4

  • MD5

    fb20ea03ffcc09e364e93285c62c31f1

  • SHA1

    bcb26a36aa25fb8501cb0eaa45b785ba9c220fce

  • SHA256

    2650515c496982b17d51cf0bc632e5148bcdaadbbbdff6e9cd916e210256a3d6

  • SHA512

    6c6b84ee5320b233b5ff9c8d92c09ca61f527100276fae2727aedb47af058b517abcdfc239eb12b815a3420f9536184f604fce47db28bf6d52e2560d6adb0621

Score
10/10
collectionevasion

Malware Config

Extracted

Credentials

  • Protocol:     smtp
  • Host:
    mail.mail15.cp247.net
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    Mm8182

Targets

    • Target

      20200520.exe

    • Size

      863KB

    • MD5

      a9a56a42ee7e10e44ef8cc503a879ab9

    • SHA1

      3891f93991867dbf98813000b53ed62227fc810a

    • SHA256

      1ecfa46b754e89d2a0b6abd95c32e60d0bc4a10ee3a996bcb8be86e400d8c7ad

    • SHA512

      53ed3f0b25fa7ae5b93fca023aeb6428389c121039682e35d3648c7b895371baf6bea18626bef89fea606bdbf948457867aed29216996014bbb046428e0d33fd

    Score
    10/10
    collectionevasion

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Accesses Microsoft Outlook profiles

      collection

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks