Overview

overview

10

Static

static

8dfd7934ab...10.exe

windows7-x64

8dfd7934ab...10.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8dfd7934ab0f90e5407c4acecaf5fc3a47557024144df9c2255f22a6e9e4ea10

  • Size

    376KB

  • Sample

    221123-s12rbsfh2s

  • MD5

    7f3200ff7f1e0dc71ceb0c676637bfa2

  • SHA1

    4853e801c80599740b1de9fea5f7ea68a96f82b9

  • SHA256

    8dfd7934ab0f90e5407c4acecaf5fc3a47557024144df9c2255f22a6e9e4ea10

  • SHA512

    3080ea536549b9ce12bf2e0da6cf2e94bef596312af12abc575e8f7f7c21e9294e63c0027bb5ae4a22c1b6b9c25a12b6a9c43a7325727b95f58081d5fd67d97c

  • SSDEEP

    6144:MRAhhJxX7bNIAROzTua3Wx3uJWBmM8fTVIw40ee/nGQKnGQr64UY3ctWkY:UsAAPaieJomM8fTV5lee/GRnE4UKcsn

Score
10/10
persistence

Malware Config

Targets

    • Target

      8dfd7934ab0f90e5407c4acecaf5fc3a47557024144df9c2255f22a6e9e4ea10

    • Size

      376KB

    • MD5

      7f3200ff7f1e0dc71ceb0c676637bfa2

    • SHA1

      4853e801c80599740b1de9fea5f7ea68a96f82b9

    • SHA256

      8dfd7934ab0f90e5407c4acecaf5fc3a47557024144df9c2255f22a6e9e4ea10

    • SHA512

      3080ea536549b9ce12bf2e0da6cf2e94bef596312af12abc575e8f7f7c21e9294e63c0027bb5ae4a22c1b6b9c25a12b6a9c43a7325727b95f58081d5fd67d97c

    • SSDEEP

      6144:MRAhhJxX7bNIAROzTua3Wx3uJWBmM8fTVIw40ee/nGQKnGQr64UY3ctWkY:UsAAPaieJomM8fTV5lee/GRnE4UKcsn

    Score
    10/10
    persistence

    • Modifies system executable filetype association

      persistence

    • Modifies Installed Components in the registry

      persistence

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Change Default File Association

1
T1042

Registry Run Keys / Startup Folder

2
T1060

Privilege Escalation

Defense Evasion

Modify Registry

3
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks