Overview

overview

8

Static

static

062bc64797...12.exe

windows7-x64

8

062bc64797...12.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    062bc64797be336ea88d6b177254c2f458a2145695da0bc7a099f11295e5f112

  • Size

    52KB

  • Sample

    221106-lthljsggak

  • MD5

    3b25ea812162be530e7f824533765a20

  • SHA1

    68f5d8cbf8517b0f06468c9d0d6d585072fd69b5

  • SHA256

    062bc64797be336ea88d6b177254c2f458a2145695da0bc7a099f11295e5f112

  • SHA512

    de7eb93de8e417e8f4de0143e60bd3be80ac75732166af72b9114119ab24ca4bb16d68d6c7f198d90fafe4e580a4b163be7aff70614f86eca20a01ef78b2e1e8

  • SSDEEP

    768:y/5aFey0/zxNwYRx6Y9dgs9C1PnnD/nhcAZqWdXmCVuCKqP1p0zbX9o:45aYz/z3XxUD/zhqQpiz9o

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      062bc64797be336ea88d6b177254c2f458a2145695da0bc7a099f11295e5f112

    • Size

      52KB

    • MD5

      3b25ea812162be530e7f824533765a20

    • SHA1

      68f5d8cbf8517b0f06468c9d0d6d585072fd69b5

    • SHA256

      062bc64797be336ea88d6b177254c2f458a2145695da0bc7a099f11295e5f112

    • SHA512

      de7eb93de8e417e8f4de0143e60bd3be80ac75732166af72b9114119ab24ca4bb16d68d6c7f198d90fafe4e580a4b163be7aff70614f86eca20a01ef78b2e1e8

    • SSDEEP

      768:y/5aFey0/zxNwYRx6Y9dgs9C1PnnD/nhcAZqWdXmCVuCKqP1p0zbX9o:45aYz/z3XxUD/zhqQpiz9o

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks