Overview

overview

8

Static

static

0f98884a4b...ee.exe

windows7-x64

8

0f98884a4b...ee.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0f98884a4b61823751e4d15411c716e503b1532b81f14d0862d5eedea5d3ebee

  • Size

    60KB

  • Sample

    221107-gcqhlsdcam

  • MD5

    04889728c050d67be39f3fe3b4122376

  • SHA1

    dc31aa70c065b9d7d34a758c38a4a23db500f7d9

  • SHA256

    0f98884a4b61823751e4d15411c716e503b1532b81f14d0862d5eedea5d3ebee

  • SHA512

    e0655018923fec9cd6f2d061fc7b39c89fd6484b950569ac12ed8d4243900cf85cd0c05493133ffe8b10eabb080919f0ea95fde1b80bdfbd1a48f8e3cba6175e

  • SSDEEP

    768:j846E20pHTcEthIScmbPu5Q3Nen+4RN5EvjuHwWs4eNE1tV7xaUlvXM:j8TRI7dbPusNen+4RN5uK0ZMvl/M

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      0f98884a4b61823751e4d15411c716e503b1532b81f14d0862d5eedea5d3ebee

    • Size

      60KB

    • MD5

      04889728c050d67be39f3fe3b4122376

    • SHA1

      dc31aa70c065b9d7d34a758c38a4a23db500f7d9

    • SHA256

      0f98884a4b61823751e4d15411c716e503b1532b81f14d0862d5eedea5d3ebee

    • SHA512

      e0655018923fec9cd6f2d061fc7b39c89fd6484b950569ac12ed8d4243900cf85cd0c05493133ffe8b10eabb080919f0ea95fde1b80bdfbd1a48f8e3cba6175e

    • SSDEEP

      768:j846E20pHTcEthIScmbPu5Q3Nen+4RN5EvjuHwWs4eNE1tV7xaUlvXM:j8TRI7dbPusNen+4RN5uK0ZMvl/M

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks