Overview

overview

8

Static

static

40b9a0d07a...4f.exe

windows7-x64

8

40b9a0d07a...4f.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    40b9a0d07a122dff54576a26ea3833bf532f93a8404942a6b32e6cc2e240594f

  • Size

    40KB

  • Sample

    221002-l62j7aafa8

  • MD5

    638b381cde37f3f633f4fe0efeb97691

  • SHA1

    30623b22167fae3e1f7bef8de83ef67a2c685cbb

  • SHA256

    40b9a0d07a122dff54576a26ea3833bf532f93a8404942a6b32e6cc2e240594f

  • SHA512

    c072f033cddddd9e02932cb116828b4062c5fc9b702cc3e9f1ade2b0ecd95258e1e100d1ca4ae7633d8298c67bbc284c73a0d749c036034c2488fb356ecfbd0b

  • SSDEEP

    768:/q5uNaY7HHG8wCVk9dhhMep41ZLLBV/UE:/q5h4Hkh2BVcE

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      40b9a0d07a122dff54576a26ea3833bf532f93a8404942a6b32e6cc2e240594f

    • Size

      40KB

    • MD5

      638b381cde37f3f633f4fe0efeb97691

    • SHA1

      30623b22167fae3e1f7bef8de83ef67a2c685cbb

    • SHA256

      40b9a0d07a122dff54576a26ea3833bf532f93a8404942a6b32e6cc2e240594f

    • SHA512

      c072f033cddddd9e02932cb116828b4062c5fc9b702cc3e9f1ade2b0ecd95258e1e100d1ca4ae7633d8298c67bbc284c73a0d749c036034c2488fb356ecfbd0b

    • SSDEEP

      768:/q5uNaY7HHG8wCVk9dhhMep41ZLLBV/UE:/q5h4Hkh2BVcE

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

3
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks