Overview

overview

8

Static

static

3a69cdd48a...1d.exe

windows7-x64

8

3a69cdd48a...1d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3a69cdd48a602bc7fc7a02c32c56bcfd83059cecc373fabd61d978d894748f1d

  • Size

    36KB

  • Sample

    221021-xkezvabcgp

  • MD5

    27c0ae51af391cf5d411e6aa790a7660

  • SHA1

    07c2bdca3cebcb1725a76260a151f986ae3b5bb8

  • SHA256

    3a69cdd48a602bc7fc7a02c32c56bcfd83059cecc373fabd61d978d894748f1d

  • SHA512

    3e101287b80f8cedd0725f43f66b820e3f09ce06ded85700e67dda9088739f225b8e8e6aabec80f4fbea258889274d0c30e3be2deebac9a0aa4ab41fee55ab7d

  • SSDEEP

    384:/TVm3+ZlsXw+3p1Vbm+MKTPbvToCzCxgUF6qcxM7IrOhsccqrQy/xG54M3C:/BZlsXF3pYKTPRagTL9rO/lsC

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      3a69cdd48a602bc7fc7a02c32c56bcfd83059cecc373fabd61d978d894748f1d

    • Size

      36KB

    • MD5

      27c0ae51af391cf5d411e6aa790a7660

    • SHA1

      07c2bdca3cebcb1725a76260a151f986ae3b5bb8

    • SHA256

      3a69cdd48a602bc7fc7a02c32c56bcfd83059cecc373fabd61d978d894748f1d

    • SHA512

      3e101287b80f8cedd0725f43f66b820e3f09ce06ded85700e67dda9088739f225b8e8e6aabec80f4fbea258889274d0c30e3be2deebac9a0aa4ab41fee55ab7d

    • SSDEEP

      384:/TVm3+ZlsXw+3p1Vbm+MKTPbvToCzCxgUF6qcxM7IrOhsccqrQy/xG54M3C:/BZlsXF3pYKTPRagTL9rO/lsC

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks