Overview

overview

8

Static

static

efc949dd5a...d7.exe

windows7-x64

8

efc949dd5a...d7.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    efc949dd5a1237095fca62fa50b9df10bac2b741f449c0aef0926139d70b77d7

  • Size

    36KB

  • Sample

    221107-ljsc1ahhg3

  • MD5

    0d688c12a4c3d854061590d33a0d2386

  • SHA1

    0cde2788d8a01cf3bb1afe11606237fea50cf064

  • SHA256

    efc949dd5a1237095fca62fa50b9df10bac2b741f449c0aef0926139d70b77d7

  • SHA512

    ea48150cce2a32b9e223c8164ac316ae930318cc47d8dffe2c92c06f3ba49d8b9a9cf670a59b1f6a355944638ff753e637d58b59f76cc732737838acca1a1fe4

  • SSDEEP

    768:/e0dD20UOGwSBv1BcAW7NaGS3Ktc3qtqR9:/e220VGF7W7NXqR9

Score
8/10
discoveryexploitpersistence

Malware Config

Targets

    • Target

      efc949dd5a1237095fca62fa50b9df10bac2b741f449c0aef0926139d70b77d7

    • Size

      36KB

    • MD5

      0d688c12a4c3d854061590d33a0d2386

    • SHA1

      0cde2788d8a01cf3bb1afe11606237fea50cf064

    • SHA256

      efc949dd5a1237095fca62fa50b9df10bac2b741f449c0aef0926139d70b77d7

    • SHA512

      ea48150cce2a32b9e223c8164ac316ae930318cc47d8dffe2c92c06f3ba49d8b9a9cf670a59b1f6a355944638ff753e637d58b59f76cc732737838acca1a1fe4

    • SSDEEP

      768:/e0dD20UOGwSBv1BcAW7NaGS3Ktc3qtqR9:/e220VGF7W7NXqR9

    Score
    8/10
    discoveryexploitpersistence

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks