Overview

overview

8

Static

static

5

99f37be737...a7.exe

windows7_x64

8

99f37be737...a7.exe

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    99f37be737f2a1d0cfe958cc65fde94c310689d59304845c6e9a882bb75c08a7

  • Size

    5.3MB

  • Sample

    220521-wz5clsdhgj

  • MD5

    3e4e6091833b5b343142199f591d9fc2

  • SHA1

    c8da3112aec96c69874b08a34e9adb7245babde3

  • SHA256

    99f37be737f2a1d0cfe958cc65fde94c310689d59304845c6e9a882bb75c08a7

  • SHA512

    0f8c4c1aa612c0fc00c3383017a41b013f7ab483a685c1d2c0ad48d28da7274c5532915d6a7c34dc7a22fcde26aa4825d8dae5c0e010e29d99362858a172926c

Score
8/10
evasion

Malware Config

Targets

    • Target

      99f37be737f2a1d0cfe958cc65fde94c310689d59304845c6e9a882bb75c08a7

    • Size

      5.3MB

    • MD5

      3e4e6091833b5b343142199f591d9fc2

    • SHA1

      c8da3112aec96c69874b08a34e9adb7245babde3

    • SHA256

      99f37be737f2a1d0cfe958cc65fde94c310689d59304845c6e9a882bb75c08a7

    • SHA512

      0f8c4c1aa612c0fc00c3383017a41b013f7ab483a685c1d2c0ad48d28da7274c5532915d6a7c34dc7a22fcde26aa4825d8dae5c0e010e29d99362858a172926c

    Score
    8/10
    evasion

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks