Overview

overview

8

Static

static

f5fc740a94...c7.exe

windows7-x64

8

f5fc740a94...c7.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5fc740a94bedbcb69d9429214a6045fe18ea3f56ce1ea6329cbbc9551b260c7

  • Size

    40KB

  • Sample

    221012-v5sqbsdfdq

  • MD5

    65b0b3f915028e7d9b647cdd6813b2f0

  • SHA1

    cec104bc0c7e4fea16f8b24b7eadfcd78b3cb325

  • SHA256

    f5fc740a94bedbcb69d9429214a6045fe18ea3f56ce1ea6329cbbc9551b260c7

  • SHA512

    9dc991b8cc321727e4fe4652980fe3d2516c7b8f73d44f092220176bdb3b50d2e48b83174cac7e557cbea9ac1fb8c91d3f0a86fedf12f55e3d7e938fa46939f0

  • SSDEEP

    384:/TbxFtWCOLxBEk0I+satqAlgCq3O1Gxi8KDYf+m+LxrQN+lDqKnV8QYeaqEG54Ma:/RFtWCO9BEkxtatPTQDQdYWTh9qwoP

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      f5fc740a94bedbcb69d9429214a6045fe18ea3f56ce1ea6329cbbc9551b260c7

    • Size

      40KB

    • MD5

      65b0b3f915028e7d9b647cdd6813b2f0

    • SHA1

      cec104bc0c7e4fea16f8b24b7eadfcd78b3cb325

    • SHA256

      f5fc740a94bedbcb69d9429214a6045fe18ea3f56ce1ea6329cbbc9551b260c7

    • SHA512

      9dc991b8cc321727e4fe4652980fe3d2516c7b8f73d44f092220176bdb3b50d2e48b83174cac7e557cbea9ac1fb8c91d3f0a86fedf12f55e3d7e938fa46939f0

    • SSDEEP

      384:/TbxFtWCOLxBEk0I+satqAlgCq3O1Gxi8KDYf+m+LxrQN+lDqKnV8QYeaqEG54Ma:/RFtWCO9BEkxtatPTQDQdYWTh9qwoP

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks