Overview

overview

10

Static

static

5

20f33ea0e8...1a.exe

windows7-x64

10

20f33ea0e8...1a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    20f33ea0e8655745cf14c14dcfab466039dffa3fd0092b4e2b16162a7ac1511a

  • Size

    2.0MB

  • Sample

    221020-xjt3daada9

  • MD5

    7612a0bbe9675f1c15b1d02ff09e8d41

  • SHA1

    dc7d62fc431f3632862e2c6214fa281d1e31297a

  • SHA256

    20f33ea0e8655745cf14c14dcfab466039dffa3fd0092b4e2b16162a7ac1511a

  • SHA512

    e9f74137c2bac0a9210a1a161b21c882289652e6b236c0b594eae56ed9ccc015edfa7ad0cae1248b30a87b6d5a711e82ae3dabf3efdd5b53e0f26c46b40c507b

  • SSDEEP

    49152:VeJfAJGpLDxrnP870aDe1PcrnP87NmDe1P:VeVAJUdEq1UEJ1

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      20f33ea0e8655745cf14c14dcfab466039dffa3fd0092b4e2b16162a7ac1511a

    • Size

      2.0MB

    • MD5

      7612a0bbe9675f1c15b1d02ff09e8d41

    • SHA1

      dc7d62fc431f3632862e2c6214fa281d1e31297a

    • SHA256

      20f33ea0e8655745cf14c14dcfab466039dffa3fd0092b4e2b16162a7ac1511a

    • SHA512

      e9f74137c2bac0a9210a1a161b21c882289652e6b236c0b594eae56ed9ccc015edfa7ad0cae1248b30a87b6d5a711e82ae3dabf3efdd5b53e0f26c46b40c507b

    • SSDEEP

      49152:VeJfAJGpLDxrnP870aDe1PcrnP87NmDe1P:VeVAJUdEq1UEJ1

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks