Overview

overview

6

Static

static

201ddfdbc2...4b.exe

windows7-x64

1

201ddfdbc2...4b.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    201ddfdbc25335a4a025b747a9d2c92048e096a5c22491adaf34fe5302bdd04b

  • Size

    122KB

  • Sample

    221002-r8kbkschbn

  • MD5

    660cb84aecd8a5a027cb756438aaade0

  • SHA1

    bb48fff5af88d6c12448426599fbe459401d08eb

  • SHA256

    201ddfdbc25335a4a025b747a9d2c92048e096a5c22491adaf34fe5302bdd04b

  • SHA512

    e4d9e117581bfdbf9012caba7f3310dae5098cd6a821c7a0295ba8757e561541544554103bc1fefe10c4f7ebcc505f55d42b121b9bff73af5c8ecf7701c98906

  • SSDEEP

    1536:/CefXOa+bPak7pozw6kJimfyT6RQbleb9gxp6TEOK1YFzGULI:vfXOa+bPak7poz3KTfcCOwTEOxFzGU0

Score
6/10
microsoftpersistencephishing

Malware Config

Targets

    • Target

      201ddfdbc25335a4a025b747a9d2c92048e096a5c22491adaf34fe5302bdd04b

    • Size

      122KB

    • MD5

      660cb84aecd8a5a027cb756438aaade0

    • SHA1

      bb48fff5af88d6c12448426599fbe459401d08eb

    • SHA256

      201ddfdbc25335a4a025b747a9d2c92048e096a5c22491adaf34fe5302bdd04b

    • SHA512

      e4d9e117581bfdbf9012caba7f3310dae5098cd6a821c7a0295ba8757e561541544554103bc1fefe10c4f7ebcc505f55d42b121b9bff73af5c8ecf7701c98906

    • SSDEEP

      1536:/CefXOa+bPak7pozw6kJimfyT6RQbleb9gxp6TEOK1YFzGULI:vfXOa+bPak7poz3KTfcCOwTEOxFzGU0

    Score
    6/10
    microsoftpersistencephishing

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks