General

  • Target

    9dc4f90e793c50ff837c8cda2ae9823637bf0188bdd5d39ebae33605b48e7abb

  • Size

    500KB

  • Sample

    220625-ebzzjschgl

  • MD5

    847a9e7d782d0232581752856a146e5b

  • SHA1

    6abe12d2ec534673f16b1a4f5f7f4082a2a2acc3

  • SHA256

    9dc4f90e793c50ff837c8cda2ae9823637bf0188bdd5d39ebae33605b48e7abb

  • SHA512

    7380dcaf0a6fec8faebd4e90b182dda04aae4a349c3b5338e52d6222e5a70ff18cb3bc56635762a6693b79b5ec4e9ca4b9462f58fc7865bb0aafed7828a85d45
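
To confirm that a file in hand is the sample this report describes, compare all of the listed digests rather than only the MD5, and decide identity on the SHA-256/SHA-512 pair, since MD5 and SHA-1 are collision-prone. The helper below is an added example and not part of the sandbox report or its tooling; it embeds the digests from the General section verbatim and uses a constructed placeholder byte string for the stand-alone run, because the sample itself is not on this page.

```python
import hashlib
from typing import Dict, Iterable, Mapping

# Digests copied verbatim from the General section of this report.
REPORTED_DIGESTS: Dict[str, str] = {
    "md5": "847a9e7d782d0232581752856a146e5b",
    "sha1": "6abe12d2ec534673f16b1a4f5f7f4082a2a2acc3",
    "sha256": "9dc4f90e793c50ff837c8cda2ae9823637bf0188bdd5d39ebae33605b48e7abb",
    "sha512": "7380dcaf0a6fec8faebd4e90b182dda04aae4a349c3b5338e52d6222e5a70ff18cb3bc56635762a6693b79b5ec4e9ca4b9462f58fc7865bb0aafed7828a85d45",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")
# Only these are treated as identity-bearing; MD5/SHA-1 are corroboration only.
STRONG = ("sha256", "sha512")


def compute_digests(data: bytes, algorithms: Iterable[str] = ALGORITHMS) -> Dict[str, str]:
    """Hex digests of an in-memory byte string, one per requested algorithm."""
    return {name: hashlib.new(name, data).hexdigest() for name in algorithms}


def digest_file(path: str, algorithms: Iterable[str] = ALGORITHMS,
                chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file once, feeding every hasher in lock-step, so a large
    sample is hashed four ways without being loaded into memory."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_digests(actual: Mapping[str, str], expected: Mapping[str, str]) -> Dict[str, bool]:
    """Per-algorithm match table. Hex is compared case-insensitively, and an
    algorithm present in the report but missing from `actual` counts as a
    mismatch rather than raising."""
    return {
        name: actual.get(name, "").lower() == value.lower()
        for name, value in expected.items()
    }


def is_reported_sample(actual: Mapping[str, str],
                       expected: Mapping[str, str] = REPORTED_DIGESTS) -> bool:
    """Identity decision: every strong digest the report lists must match, and
    at least one must be present. A strong match with an MD5/SHA-1 mismatch
    points at a transcription error in the report, not a different file, and
    is worth inspecting in the verify_digests() table separately."""
    matches = verify_digests(actual, expected)
    strong = [name for name in STRONG if name in expected]
    return bool(strong) and all(matches[name] for name in strong)


if __name__ == "__main__":
    # Constructed placeholder input: the real sample is not on this page.
    placeholder = b"not the reported sample"
    actual = compute_digests(placeholder)
    for name, ok in verify_digests(actual, REPORTED_DIGESTS).items():
        print(f"{name:7s} {'match' if ok else 'MISMATCH'}")
    print("is reported sample:", is_reported_sample(actual))
    # For a file on disk use: is_reported_sample(digest_file("sample.bin"))
```

The size given in the report (500KB) is rounded, so it is a sanity check only; the digest comparison is what establishes identity.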

Score
9/10

Targets

    • ReZer0 packer

      Detects ReZer0, a packer with multiple versions used in various campaigns.

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic                Technique                     ID     Count
  Execution             Scheduled Task                T1053  1
  Persistence           Scheduled Task                T1053  1
  Privilege Escalation  Scheduled Task                T1053  1
  Discovery             Query Registry                T1012  2
  Discovery             Peripheral Device Discovery   T1120  2
  Discovery             System Information Discovery  T1082  3
