Overview

overview

8

Static

static

8

bb814bca0e...41.exe

windows7-x64

7

bb814bca0e...41.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bb814bca0edbe26fc7422236f625935911be8fc65a415cbb4b3255b2fbaaa641

  • Size

    385KB

  • Sample

    221030-pcl47aabd3

  • MD5

    5cd6bb4299e2a438132615b8cab4eb90

  • SHA1

    800e65db5819dbdd5da3ae75110173b03715c52b

  • SHA256

    bb814bca0edbe26fc7422236f625935911be8fc65a415cbb4b3255b2fbaaa641

  • SHA512

    1ca9a85b0b256c047c11658848d9d22703bc5b2701f8cc0e2f22186ed7078b3fb1dd9a126afc27094cd4de1bfb594a523fe7958831c293fb6baea217dcf4e360

  • SSDEEP

    6144:NFtapk++Tnge/Xv/X4MUiC974HvHvGK1q9hCsxwesy18NoMejQvJvLlSrXbL:N3a+T3/X4Mk+vtnPy18WoTYrX

Score
8/10
aspackv2persistence

Malware Config

Targets

    • Target

      bb814bca0edbe26fc7422236f625935911be8fc65a415cbb4b3255b2fbaaa641

    • Size

      385KB

    • MD5

      5cd6bb4299e2a438132615b8cab4eb90

    • SHA1

      800e65db5819dbdd5da3ae75110173b03715c52b

    • SHA256

      bb814bca0edbe26fc7422236f625935911be8fc65a415cbb4b3255b2fbaaa641

    • SHA512

      1ca9a85b0b256c047c11658848d9d22703bc5b2701f8cc0e2f22186ed7078b3fb1dd9a126afc27094cd4de1bfb594a523fe7958831c293fb6baea217dcf4e360

    • SSDEEP

      6144:NFtapk++Tnge/Xv/X4MUiC974HvHvGK1q9hCsxwesy18NoMejQvJvLlSrXbL:N3a+T3/X4Mk+vtnPy18WoTYrX

    Score
    7/10
    persistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks