Overview

overview

8

Static

static

a586779fe7...cb.exe

windows7-x64

8

a586779fe7...cb.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a586779fe7825ac3963f700f56783163643cf1fdda13f081d36a813566a41acb

  • Size

    48KB

  • Sample

    221106-jqw9esdbcl

  • MD5

    12493d8568e0e4718f1cb98b9c926630

  • SHA1

    23e6dfb75a7be7e3c6dd1abcbf517e3cca1dc3b5

  • SHA256

    a586779fe7825ac3963f700f56783163643cf1fdda13f081d36a813566a41acb

  • SHA512

    c1ffd90560134997c71098609827345e661ed908d410fc46924dc25c8751e2b5c518a33a0aba86d48855ea3691c0349b2473867d7433086264afa43629aeacf5

  • SSDEEP

    768:zCIVwtym3OJt4vze9LfTUd+0yTXHa6a5+QEyTTbJXse:2I03OLuc0c0yb67WyPbRse

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      a586779fe7825ac3963f700f56783163643cf1fdda13f081d36a813566a41acb

    • Size

      48KB

    • MD5

      12493d8568e0e4718f1cb98b9c926630

    • SHA1

      23e6dfb75a7be7e3c6dd1abcbf517e3cca1dc3b5

    • SHA256

      a586779fe7825ac3963f700f56783163643cf1fdda13f081d36a813566a41acb

    • SHA512

      c1ffd90560134997c71098609827345e661ed908d410fc46924dc25c8751e2b5c518a33a0aba86d48855ea3691c0349b2473867d7433086264afa43629aeacf5

    • SSDEEP

      768:zCIVwtym3OJt4vze9LfTUd+0yTXHa6a5+QEyTTbJXse:2I03OLuc0c0yb67WyPbRse

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks