Overview

overview

10

Static

static

5

5cd98524e5...dd.exe

windows7-x64

10

5cd98524e5...dd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5cd98524e53eac6e26afe790dcf3b3b59b5195831e7859f1046de2b320bf57dd

  • Size

    7.9MB

  • Sample

    221004-ay5fbsecc9

  • MD5

    3385491944f44bb09eb674c92a75eb7c

  • SHA1

    6b9491c27147fb603451ddfbfa57f0e3085e6bcb

  • SHA256

    5cd98524e53eac6e26afe790dcf3b3b59b5195831e7859f1046de2b320bf57dd

  • SHA512

    caed1d53fff7a8895d765ae708123464eb7a9cf97094de21854cb4f0a3773ff9e4965020849e2cc247457f1b2c952453f90fe041de2aac9b87dd27840a46adb2

  • SSDEEP

    196608:LfUD4Ct99c1eCbvSCbwDvK8uUzrWsjnDRzoS:Lfi4M9O1eavSCEDS8uUhLDR0S

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      5cd98524e53eac6e26afe790dcf3b3b59b5195831e7859f1046de2b320bf57dd

    • Size

      7.9MB

    • MD5

      3385491944f44bb09eb674c92a75eb7c

    • SHA1

      6b9491c27147fb603451ddfbfa57f0e3085e6bcb

    • SHA256

      5cd98524e53eac6e26afe790dcf3b3b59b5195831e7859f1046de2b320bf57dd

    • SHA512

      caed1d53fff7a8895d765ae708123464eb7a9cf97094de21854cb4f0a3773ff9e4965020849e2cc247457f1b2c952453f90fe041de2aac9b87dd27840a46adb2

    • SSDEEP

      196608:LfUD4Ct99c1eCbvSCbwDvK8uUzrWsjnDRzoS:Lfi4M9O1eavSCEDS8uUhLDR0S

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks