Overview

overview

8

Static

static

104b880b8b...75.exe

windows7-x64

8

104b880b8b...75.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    104b880b8b19cd80a44b4d6689fe7b5c1732e1648555651b20ef694aafeb2c75

  • Size

    36KB

  • Sample

    221011-tg87qsdagq

  • MD5

    177fda2ae82ae84dd122ce4b81040960

  • SHA1

    163246fe46f98a747ed37ad3394d5e5f35c906ff

  • SHA256

    104b880b8b19cd80a44b4d6689fe7b5c1732e1648555651b20ef694aafeb2c75

  • SHA512

    f657d40f7dced48fe5300fea3e334caca87106f94990336d5bdeed1a4eeca3cb180b1b75f1d95c7430b7ff3af2cf090140c9265938efc3c96b4626ad17553eb2

  • SSDEEP

    768:/KtoFHcuipk3Sw1p0DNaPKB02Isxpjdn9Dp:/quZFSwAaPKB0In9Dp

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      104b880b8b19cd80a44b4d6689fe7b5c1732e1648555651b20ef694aafeb2c75

    • Size

      36KB

    • MD5

      177fda2ae82ae84dd122ce4b81040960

    • SHA1

      163246fe46f98a747ed37ad3394d5e5f35c906ff

    • SHA256

      104b880b8b19cd80a44b4d6689fe7b5c1732e1648555651b20ef694aafeb2c75

    • SHA512

      f657d40f7dced48fe5300fea3e334caca87106f94990336d5bdeed1a4eeca3cb180b1b75f1d95c7430b7ff3af2cf090140c9265938efc3c96b4626ad17553eb2

    • SSDEEP

      768:/KtoFHcuipk3Sw1p0DNaPKB02Isxpjdn9Dp:/quZFSwAaPKB0In9Dp

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks