Overview

overview

8

Static

static

3c1f0b9fbe...6d.exe

windows7-x64

8

3c1f0b9fbe...6d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3c1f0b9fbe4130b43df2a5004928cbd18d99b7878fc3ea8561e4ea63a786ba6d

  • Size

    79KB

  • Sample

    221123-mrsjeaaa6t

  • MD5

    75281c6808facd9b45f479e7e5f05418

  • SHA1

    603debb0a07ce2ec2234b970c7aa52ae64cfcf19

  • SHA256

    3c1f0b9fbe4130b43df2a5004928cbd18d99b7878fc3ea8561e4ea63a786ba6d

  • SHA512

    4ec30433443dd2570d1f60477862159c108c1dc8efdbeb11c70458724c148088a0a924908508e2db848a51d1ae3031719b0030d2e5e101b3194d96fea6b94761

  • SSDEEP

    1536:r+HxFEoBl0JZ1vEibGDB/SN/Aec3iuDbAUehHG6dYTFUmtEbz:r4FEBvdEiCD8WNyGbAsTFmbz

Score
8/10
persistence

Malware Config

Targets

    • Target

      3c1f0b9fbe4130b43df2a5004928cbd18d99b7878fc3ea8561e4ea63a786ba6d

    • Size

      79KB

    • MD5

      75281c6808facd9b45f479e7e5f05418

    • SHA1

      603debb0a07ce2ec2234b970c7aa52ae64cfcf19

    • SHA256

      3c1f0b9fbe4130b43df2a5004928cbd18d99b7878fc3ea8561e4ea63a786ba6d

    • SHA512

      4ec30433443dd2570d1f60477862159c108c1dc8efdbeb11c70458724c148088a0a924908508e2db848a51d1ae3031719b0030d2e5e101b3194d96fea6b94761

    • SSDEEP

      1536:r+HxFEoBl0JZ1vEibGDB/SN/Aec3iuDbAUehHG6dYTFUmtEbz:r4FEBvdEiCD8WNyGbAsTFmbz

    Score
    8/10
    persistence

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks