Overview

overview

8

Static

static

Windows_activator.exe

windows7-x64

8

Windows_activator.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Windows_activator.exe

  • Size

    2.0MB

  • Sample

    220912-cde12sgcaj

  • MD5

    b4a32a8cb456c434429658fb4d440a71

  • SHA1

    9634db91736a90b52f391ed958e30c39207ac58e

  • SHA256

    15c8aee0beddebe3eae3d666de68737fa9aa5b211540cbaa83ff03f0011f5224

  • SHA512

    f0908ba0d49680ddb333ee8589ea16d236ab2a2114d6d99b7edbdb920e8d3740bedc6d556f4cefdfda46d3377a1813f9b87f4fa42af9064a90d001e15ec7ce44

  • SSDEEP

    12288:mu/va+3zyqxan5rDyUq8Gvu5LVtlhLNzDhTLaniXh3kYBIeKuowv6Y8o:Dva+an5rDyUq8GveLLTLNzpa0k01ao

Score
8/10
discoveryexploit

Malware Config

Targets

    • Target

      Windows_activator.exe

    • Size

      2.0MB

    • MD5

      b4a32a8cb456c434429658fb4d440a71

    • SHA1

      9634db91736a90b52f391ed958e30c39207ac58e

    • SHA256

      15c8aee0beddebe3eae3d666de68737fa9aa5b211540cbaa83ff03f0011f5224

    • SHA512

      f0908ba0d49680ddb333ee8589ea16d236ab2a2114d6d99b7edbdb920e8d3740bedc6d556f4cefdfda46d3377a1813f9b87f4fa42af9064a90d001e15ec7ce44

    • SSDEEP

      12288:mu/va+3zyqxan5rDyUq8Gvu5LVtlhLNzDhTLaniXh3kYBIeKuowv6Y8o:Dva+an5rDyUq8GveLLTLNzpa0k01ao

    Score
    8/10
    discoveryexploit

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks