Overview

overview

8

Static

static

3

3291ddfc14...95.exe

windows7_x64

8

3291ddfc14...95.exe

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3291ddfc14f62c917c15100eb1f92166627cbc77c590ebf4a023ac5f6c2afd95

  • Size

    5.9MB

  • Sample

    220524-ctt5xaffbm

  • MD5

    b5014f25264e23ba6bf99e92ead9f1f9

  • SHA1

    9a34c013bdf90d27c8420c1222c9bf4380cfe67f

  • SHA256

    3291ddfc14f62c917c15100eb1f92166627cbc77c590ebf4a023ac5f6c2afd95

  • SHA512

    6b7a5e212439736bd9f082fc46a63c8dabf1db1f717f496f3975326cc2fd05ff93a2da8763315809dcdfbb17e0867f2fca1054b8b57077c2781eb14335010d5f

Score
8/10
evasionpersistencepyinstaller

Malware Config

Targets

    • Target

      3291ddfc14f62c917c15100eb1f92166627cbc77c590ebf4a023ac5f6c2afd95

    • Size

      5.9MB

    • MD5

      b5014f25264e23ba6bf99e92ead9f1f9

    • SHA1

      9a34c013bdf90d27c8420c1222c9bf4380cfe67f

    • SHA256

      3291ddfc14f62c917c15100eb1f92166627cbc77c590ebf4a023ac5f6c2afd95

    • SHA512

      6b7a5e212439736bd9f082fc46a63c8dabf1db1f717f496f3975326cc2fd05ff93a2da8763315809dcdfbb17e0867f2fca1054b8b57077c2781eb14335010d5f

    Score
    8/10
    evasionpersistencepyinstaller

    • Creates new service(s)

      persistence

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

New Service

1
T1050

Modify Existing Service

1
T1031

Scheduled Task

1
T1053

Privilege Escalation

New Service

1
T1050

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks