Overview

overview

10

Static

static

319857c4f3...a7.exe

windows7-x64

10

319857c4f3...a7.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    319857c4f314216f29cc68be00378322483d53ad1bea765ad5e02640605d45a7

  • Size

    48KB

  • Sample

    221107-sw9ldagafk

  • MD5

    0771eb7d52d30a9c98eb92d7210161b7

  • SHA1

    5b3a0492b4ba5abf2102d0fc69aefb612d47627d

  • SHA256

    319857c4f314216f29cc68be00378322483d53ad1bea765ad5e02640605d45a7

  • SHA512

    e71d37f3c1070e11e991c7072c9346e88ee50e9b6df5361638b246f506d2d7489e18413858893c0c9a63b3e259737f4293f730155dcb9f164c5bc0889c2da7c2

  • SSDEEP

    768:Ice/A+bfiNn37w6oifZTvb5ohF7Y/myfBirIGxv35BMCAI8J9Ua0rDq:6A+jw3NfZTvbqa0rHl5o9Uayq

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      319857c4f314216f29cc68be00378322483d53ad1bea765ad5e02640605d45a7

    • Size

      48KB

    • MD5

      0771eb7d52d30a9c98eb92d7210161b7

    • SHA1

      5b3a0492b4ba5abf2102d0fc69aefb612d47627d

    • SHA256

      319857c4f314216f29cc68be00378322483d53ad1bea765ad5e02640605d45a7

    • SHA512

      e71d37f3c1070e11e991c7072c9346e88ee50e9b6df5361638b246f506d2d7489e18413858893c0c9a63b3e259737f4293f730155dcb9f164c5bc0889c2da7c2

    • SSDEEP

      768:Ice/A+bfiNn37w6oifZTvb5ohF7Y/myfBirIGxv35BMCAI8J9Ua0rDq:6A+jw3NfZTvbqa0rHl5o9Uayq

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Disables RegEdit via registry modification

      evasion

    • Disables cmd.exe use via registry modification

      evasion

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks