Overview

overview

10

Static

static

5

52d00acb16...a9.exe

windows7-x64

10

52d00acb16...a9.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    52d00acb16cd0ace3299cf0316737c7984e235957e83a6369d0f4d16f70598a9

  • Size

    806KB

  • Sample

    221121-td8f2agd96

  • MD5

    3a16a6be9ce2c8c3a36e6a5046defe20

  • SHA1

    eaeb585bd7cb1366f830b09624c130196df7b0f3

  • SHA256

    52d00acb16cd0ace3299cf0316737c7984e235957e83a6369d0f4d16f70598a9

  • SHA512

    0ad9fdc87a07079d028e96eea2300305df75e048d344b3691bcf02a7efa06c406a574e058f10470993a5169508f9cf7c4841b931df234faef12513426dc54b73

  • SSDEEP

    12288:8gDhdkq5BCoC5LfWSLTUQpr2Zu19QmrM9Q:8gDhdkMRWfLTUO2Zu1umrMS

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      52d00acb16cd0ace3299cf0316737c7984e235957e83a6369d0f4d16f70598a9

    • Size

      806KB

    • MD5

      3a16a6be9ce2c8c3a36e6a5046defe20

    • SHA1

      eaeb585bd7cb1366f830b09624c130196df7b0f3

    • SHA256

      52d00acb16cd0ace3299cf0316737c7984e235957e83a6369d0f4d16f70598a9

    • SHA512

      0ad9fdc87a07079d028e96eea2300305df75e048d344b3691bcf02a7efa06c406a574e058f10470993a5169508f9cf7c4841b931df234faef12513426dc54b73

    • SSDEEP

      12288:8gDhdkq5BCoC5LfWSLTUQpr2Zu19QmrM9Q:8gDhdkMRWfLTUO2Zu1umrMS

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks