Overview

overview

8

Static

static

1

5e2b5cddbd...68.exe

windows7-x64

8

5e2b5cddbd...68.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5e2b5cddbd9f53d306f523ee8f3c617a1af5619c698237c98c1e54ef087c8e68

  • Size

    176KB

  • Sample

    221123-m5ybtaba5z

  • MD5

    e6bc634e2272a0fd16d9cb16d9c0f38e

  • SHA1

    071b6be704f0b75ae39bbcc2f304e40e899621c8

  • SHA256

    5e2b5cddbd9f53d306f523ee8f3c617a1af5619c698237c98c1e54ef087c8e68

  • SHA512

    0e225a8e21d4230872a750e634e7d31a6ab842ed184b90306aa062699d99bda45d2a12865448509c9c462989aacd9d7f62365904bf6c999f77880210eb850914

  • SSDEEP

    3072:SoPyys5jXJW45dEl5otJW2jIK0GKXyK9JP16fVjvRnCt1aP9a/Tc0Hs/jkojfXZX:SzfgEVt7cDX/9WtjvRnCmATclj7fXLN

Score
8/10
persistence

Malware Config

Targets

    • Target

      5e2b5cddbd9f53d306f523ee8f3c617a1af5619c698237c98c1e54ef087c8e68

    • Size

      176KB

    • MD5

      e6bc634e2272a0fd16d9cb16d9c0f38e

    • SHA1

      071b6be704f0b75ae39bbcc2f304e40e899621c8

    • SHA256

      5e2b5cddbd9f53d306f523ee8f3c617a1af5619c698237c98c1e54ef087c8e68

    • SHA512

      0e225a8e21d4230872a750e634e7d31a6ab842ed184b90306aa062699d99bda45d2a12865448509c9c462989aacd9d7f62365904bf6c999f77880210eb850914

    • SSDEEP

      3072:SoPyys5jXJW45dEl5otJW2jIK0GKXyK9JP16fVjvRnCt1aP9a/Tc0Hs/jkojfXZX:SzfgEVt7cDX/9WtjvRnCmATclj7fXLN

    Score
    8/10
    persistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks