Overview

overview

8

Static

static

gateway64....49.exe

windows7-x64

8

gateway64....49.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gateway64.3.0.0.20220913112549.exe

  • Size

    226.4MB

  • Sample

    220925-q86n5sehh2

  • MD5

    5bc94172686fa14e05d1a679fcdc035c

  • SHA1

    3b308e0f2ff9460c86f220122541a70788f62046

  • SHA256

    9eb1cfa4955ed5e3e66dac7f5c03887dc635c91f37194835fee61a23c47dda0d

  • SHA512

    b0184276e21b6f144fd688994f76e95269f1a0fb8316216606905a14282a69ceb3793b61e03939ee5fdfc4eadf3453812152b661f5ac8c7c60bbecd68800e759

  • SSDEEP

    3145728:lKar7gXMsXwgjaCr1OSG7XGiz+ya8VHCvNFLbvwdI5nkg3bfAa9fOaAMkZ5xI8Uk:p7MRDaxMa88Ucih567ZzbIo5VQu9EM

Score
8/10
discoverypersistencepyinstaller

Malware Config

Targets

    • Target

      gateway64.3.0.0.20220913112549.exe

    • Size

      226.4MB

    • MD5

      5bc94172686fa14e05d1a679fcdc035c

    • SHA1

      3b308e0f2ff9460c86f220122541a70788f62046

    • SHA256

      9eb1cfa4955ed5e3e66dac7f5c03887dc635c91f37194835fee61a23c47dda0d

    • SHA512

      b0184276e21b6f144fd688994f76e95269f1a0fb8316216606905a14282a69ceb3793b61e03939ee5fdfc4eadf3453812152b661f5ac8c7c60bbecd68800e759

    • SSDEEP

      3145728:lKar7gXMsXwgjaCr1OSG7XGiz+ya8VHCvNFLbvwdI5nkg3bfAa9fOaAMkZ5xI8Uk:p7MRDaxMa88Ucih567ZzbIo5VQu9EM

    Score
    8/10
    pyinstallerdiscoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks