General

  • Target

    b478e16944646e7617dcfd14ecafad58598b932893209906ee8286b8b9242f18

  • Size

    158KB

  • Sample

    221011-ltsrhsgge3

  • MD5

    6ef2210bbb57bbf80dcd42c558d1a727

  • SHA1

    aca4232b61285c309c5c77ba4e29e6482ac06597

  • SHA256

    b478e16944646e7617dcfd14ecafad58598b932893209906ee8286b8b9242f18

  • SHA512

    0c9bbb13557768947b068c9f02d083f77bf5e7d3de62b7ff3f58bd34d25bb5dc30057052d9a3ada7a89fe9ba1799c934b9d85ddb041a1f84553c4186bfe449a0

  • SSDEEP

    3072:GGvg46qerlNpXSmvIoWocvM82NbB38wJzRP6:GGLUNpXFcvMVF8wJzM

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
