Overview

overview

8

Static

static

8ec3e1a846...75.exe

windows7-x64

8

8ec3e1a846...75.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ec3e1a846744b4b4eea1cab1db2cccbcec4f72dd8fba34a0dce3727b0c7d675

  • Size

    52KB

  • Sample

    221107-gcnn1sdcaj

  • MD5

    0cda8babe6466ba9d6c392160339b010

  • SHA1

    1eccc9c2c7ff81481f65a5cfb5612b19ae243c02

  • SHA256

    8ec3e1a846744b4b4eea1cab1db2cccbcec4f72dd8fba34a0dce3727b0c7d675

  • SHA512

    c26869165ce769a7d068f0182508306cb609a7b1cf65e269e0fdf1f629f4eed6280662b850dd1d3862437da3c9e6850d51989e36440e34e68b12c65324af2909

  • SSDEEP

    768:354X+naCQJBl5DRPvHIlgSB/RF6OWM/a11x1K+XpYX+:3iunW5D9IBpFDWXpC+

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      8ec3e1a846744b4b4eea1cab1db2cccbcec4f72dd8fba34a0dce3727b0c7d675

    • Size

      52KB

    • MD5

      0cda8babe6466ba9d6c392160339b010

    • SHA1

      1eccc9c2c7ff81481f65a5cfb5612b19ae243c02

    • SHA256

      8ec3e1a846744b4b4eea1cab1db2cccbcec4f72dd8fba34a0dce3727b0c7d675

    • SHA512

      c26869165ce769a7d068f0182508306cb609a7b1cf65e269e0fdf1f629f4eed6280662b850dd1d3862437da3c9e6850d51989e36440e34e68b12c65324af2909

    • SSDEEP

      768:354X+naCQJBl5DRPvHIlgSB/RF6OWM/a11x1K+XpYX+:3iunW5D9IBpFDWXpC+

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks