Overview

overview

8

Static

static

1

b38c58d3db...8b.exe

windows7-x64

8

b38c58d3db...8b.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b38c58d3db69724b2ecb3b62ea6f6796c6a11a1c908ad312ca9fb5f108e8478b

  • Size

    446KB

  • Sample

    221123-myv8waae6x

  • MD5

    54e0d067be2bb1eef275936c9e342ed0

  • SHA1

    3a658e57fddf9042ac94704ae136172211fa2987

  • SHA256

    b38c58d3db69724b2ecb3b62ea6f6796c6a11a1c908ad312ca9fb5f108e8478b

  • SHA512

    0c8af396726e1bfe74af81cffa9d15bf055a22b7e3e0359aa8a4bc5962cd2cf8dd612d0dc5f3e00a5dd1c72ad4bdddb18ddbfcc6b05bf02b434c586c0b716c84

  • SSDEEP

    6144:XzfClr9/NLhY60+q5QscDbgybovZJnvOG9caUfqjOQ0Fmrpblbq+VemROcf4T6PT:2DYB+qQovODCjUFwFPVX4TWVClHNCQW

Score
8/10
discovery

Malware Config

Targets

    • Target

      b38c58d3db69724b2ecb3b62ea6f6796c6a11a1c908ad312ca9fb5f108e8478b

    • Size

      446KB

    • MD5

      54e0d067be2bb1eef275936c9e342ed0

    • SHA1

      3a658e57fddf9042ac94704ae136172211fa2987

    • SHA256

      b38c58d3db69724b2ecb3b62ea6f6796c6a11a1c908ad312ca9fb5f108e8478b

    • SHA512

      0c8af396726e1bfe74af81cffa9d15bf055a22b7e3e0359aa8a4bc5962cd2cf8dd612d0dc5f3e00a5dd1c72ad4bdddb18ddbfcc6b05bf02b434c586c0b716c84

    • SSDEEP

      6144:XzfClr9/NLhY60+q5QscDbgybovZJnvOG9caUfqjOQ0Fmrpblbq+VemROcf4T6PT:2DYB+qQovODCjUFwFPVX4TWVClHNCQW

    Score
    8/10
    discovery

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks