General

  • Target

    99415ba5f42e97491bc627748747ca67fd9786ed82297f71f42540083600c12f

  • Size

    275KB

  • Sample

    221030-za3n9shfa6

  • MD5

    a0ea761272519c0be72e169c5ea35bda

  • SHA1

    2b5dab951752425e7736ea5a20df9866eb35e0e4

  • SHA256

    99415ba5f42e97491bc627748747ca67fd9786ed82297f71f42540083600c12f

  • SHA512

    572699868c941277f79dd54f7af12f0e2adf3c941b0cd1444ed9cbc89b850af82d00468bde1bf5724d6248fb4e9c3c5498a9061146b0825112a6e89bbb59d7a5

  • SSDEEP

    3072:+E0QjAzXSjGPzsF7tV/2IChsTdwBYOIPPjoZanwMaySfBSrvz/RFD:h06AzXSjGAJVODhsTyw7unyS5SrLZR

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
