Overview

overview

10

Static

static

993cbc33d5...56.exe

windows7-x64

10

993cbc33d5...56.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    993cbc33d5548f240c48234cfb3669e1b6681fd6abdf7176d3bbbb8d4b9d8a56

  • Size

    671KB

  • Sample

    221106-tjkl6aaec5

  • MD5

    04c58312dfb7495373c219fd9656f1c6

  • SHA1

    154e2a040abe1a7030b3aeb145051bdc3f4185e4

  • SHA256

    993cbc33d5548f240c48234cfb3669e1b6681fd6abdf7176d3bbbb8d4b9d8a56

  • SHA512

    90e9992ac2d8c4e672b71ad57d5920950cd4baa6c85700bb3f17b7aa5f15a45e3173d04fb7a16999ef0c04f7c02f40f5e45d531cd9b8df7a61a36f61e2e3fb3b

  • SSDEEP

    12288:e3TdtLW5WIj1dSSdFxsySXyMzBUWb9lx/9AgFLo8OW+rB:oDsj1YEcycJ9nPx/igxp+

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      993cbc33d5548f240c48234cfb3669e1b6681fd6abdf7176d3bbbb8d4b9d8a56

    • Size

      671KB

    • MD5

      04c58312dfb7495373c219fd9656f1c6

    • SHA1

      154e2a040abe1a7030b3aeb145051bdc3f4185e4

    • SHA256

      993cbc33d5548f240c48234cfb3669e1b6681fd6abdf7176d3bbbb8d4b9d8a56

    • SHA512

      90e9992ac2d8c4e672b71ad57d5920950cd4baa6c85700bb3f17b7aa5f15a45e3173d04fb7a16999ef0c04f7c02f40f5e45d531cd9b8df7a61a36f61e2e3fb3b

    • SSDEEP

      12288:e3TdtLW5WIj1dSSdFxsySXyMzBUWb9lx/9AgFLo8OW+rB:oDsj1YEcycJ9nPx/igxp+

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks