Overview

overview

10

Static

static

81611018d3...f1.exe

windows7-x64

10

81611018d3...f1.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    81611018d382167448f80aca8fdaff1485f02ec21ed72709c34c6f2a71cc71f1

  • Size

    424KB

  • Sample

    221123-nbc98agc77

  • MD5

    1d0e1f4e0010d5b50a097b9626ab5266

  • SHA1

    f2a1aa1e6701cd7af65d7f900e3d6b503c7f12ee

  • SHA256

    81611018d382167448f80aca8fdaff1485f02ec21ed72709c34c6f2a71cc71f1

  • SHA512

    8dadce1f87228901352bca04d55aa4664232d68bc432b9a3c9635b4d8ff677e2c1beda24f424fee452949127ce0637959a95b2c2d78c210f131432e7cd53f883

  • SSDEEP

    6144:zZ/P2GDY5aQLh7YHjAxhrzM06T1goACQIX57RUWlFcN3CeVFvht4LZN2Wh:BPpat5YHsxhrY06T1ALs7RsQd

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      81611018d382167448f80aca8fdaff1485f02ec21ed72709c34c6f2a71cc71f1

    • Size

      424KB

    • MD5

      1d0e1f4e0010d5b50a097b9626ab5266

    • SHA1

      f2a1aa1e6701cd7af65d7f900e3d6b503c7f12ee

    • SHA256

      81611018d382167448f80aca8fdaff1485f02ec21ed72709c34c6f2a71cc71f1

    • SHA512

      8dadce1f87228901352bca04d55aa4664232d68bc432b9a3c9635b4d8ff677e2c1beda24f424fee452949127ce0637959a95b2c2d78c210f131432e7cd53f883

    • SSDEEP

      6144:zZ/P2GDY5aQLh7YHjAxhrzM06T1goACQIX57RUWlFcN3CeVFvht4LZN2Wh:BPpat5YHsxhrY06T1ALs7RsQd

    Score
    10/10
    evasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks