Overview

overview

8

Static

static

8c56114c37...dc.exe

windows7-x64

8

8c56114c37...dc.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8c56114c371cc3487b46b0a24bea94f83a9e75388ca89b4d30250958a2fa54dc

  • Size

    40KB

  • Sample

    221107-gcsb7sdcap

  • MD5

    0ce6305e04025187ecf7d77fc0b252e0

  • SHA1

    db791b56789cb0d0607af5736776eb5d1ee6391c

  • SHA256

    8c56114c371cc3487b46b0a24bea94f83a9e75388ca89b4d30250958a2fa54dc

  • SHA512

    8277961cb4bddfc0dfb5449bd867129008185777db27fd7c51121228f883cd8dd1fa8bc95fc10898e8225d1b00a18448d14a54186f205cffd8d166520bad2347

  • SSDEEP

    768:/lxovdKAmIJRz7mi3D07UeBKF5SkcZ4PKdXc1sDhl:/lm4AJPz7mGeYsdXc1stl

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      8c56114c371cc3487b46b0a24bea94f83a9e75388ca89b4d30250958a2fa54dc

    • Size

      40KB

    • MD5

      0ce6305e04025187ecf7d77fc0b252e0

    • SHA1

      db791b56789cb0d0607af5736776eb5d1ee6391c

    • SHA256

      8c56114c371cc3487b46b0a24bea94f83a9e75388ca89b4d30250958a2fa54dc

    • SHA512

      8277961cb4bddfc0dfb5449bd867129008185777db27fd7c51121228f883cd8dd1fa8bc95fc10898e8225d1b00a18448d14a54186f205cffd8d166520bad2347

    • SSDEEP

      768:/lxovdKAmIJRz7mi3D07UeBKF5SkcZ4PKdXc1sDhl:/lm4AJPz7mGeYsdXc1stl

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks