Overview

overview

8

Static

static

f6b922e0b1...a6.exe

windows7-x64

8

f6b922e0b1...a6.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f6b922e0b192cc27c25caa753fb58b03f243b7008e198bd5ec67fb98b3d757a6

  • Size

    48KB

  • Sample

    221028-3xwe9adacq

  • MD5

    00170a3b55eb74baea75ccecc1b26281

  • SHA1

    a1283b97699a17a691637da24d6ea6ab32090fb4

  • SHA256

    f6b922e0b192cc27c25caa753fb58b03f243b7008e198bd5ec67fb98b3d757a6

  • SHA512

    d5db0a076cf4de70eaf7407c87e0e66c053acd5091358ad03ee2e51b0473af801c2d561f70e14b1e7d900b44d1e2d46094c2f2b552e5eec68a4950f070ca8742

  • SSDEEP

    768:/wlvcHH7nua2oRSCAVnyTSTPdGAz73DfFc1EXsc:YlvcnzSymT1c1msc

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      f6b922e0b192cc27c25caa753fb58b03f243b7008e198bd5ec67fb98b3d757a6

    • Size

      48KB

    • MD5

      00170a3b55eb74baea75ccecc1b26281

    • SHA1

      a1283b97699a17a691637da24d6ea6ab32090fb4

    • SHA256

      f6b922e0b192cc27c25caa753fb58b03f243b7008e198bd5ec67fb98b3d757a6

    • SHA512

      d5db0a076cf4de70eaf7407c87e0e66c053acd5091358ad03ee2e51b0473af801c2d561f70e14b1e7d900b44d1e2d46094c2f2b552e5eec68a4950f070ca8742

    • SSDEEP

      768:/wlvcHH7nua2oRSCAVnyTSTPdGAz73DfFc1EXsc:YlvcnzSymT1c1msc

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks