Overview

overview

10

Static

static

bd8ba4483e...15.exe

windows7-x64

10

bd8ba4483e...15.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bd8ba4483e3d8df6071b9cb31de683b87f64e3f1774c9cf5a7ecb76a67a31515

  • Size

    160KB

  • Sample

    221123-s1qdasfg8w

  • MD5

    c6e6a311f8a988789543683a297aa988

  • SHA1

    4ada699415ece27f75df0fbcd5b9f441c657ef4e

  • SHA256

    bd8ba4483e3d8df6071b9cb31de683b87f64e3f1774c9cf5a7ecb76a67a31515

  • SHA512

    75e731fa841b518079df36fd9b50659b2373ce084412a45ce93c27e21cd6e1cb844520fb29f1b640cf0c5a4444cb9576fd29ade8c0a9c3bd42a8f8289eb333be

  • SSDEEP

    3072:MRAhhcsxgAJuK7bZD01GoI0ONtNmlngmx5MO0xiKlmSaZN:MRAhhJxX7bNIFlxomS0

Score
10/10
persistence

Malware Config

Targets

    • Target

      bd8ba4483e3d8df6071b9cb31de683b87f64e3f1774c9cf5a7ecb76a67a31515

    • Size

      160KB

    • MD5

      c6e6a311f8a988789543683a297aa988

    • SHA1

      4ada699415ece27f75df0fbcd5b9f441c657ef4e

    • SHA256

      bd8ba4483e3d8df6071b9cb31de683b87f64e3f1774c9cf5a7ecb76a67a31515

    • SHA512

      75e731fa841b518079df36fd9b50659b2373ce084412a45ce93c27e21cd6e1cb844520fb29f1b640cf0c5a4444cb9576fd29ade8c0a9c3bd42a8f8289eb333be

    • SSDEEP

      3072:MRAhhcsxgAJuK7bZD01GoI0ONtNmlngmx5MO0xiKlmSaZN:MRAhhJxX7bNIFlxomS0

    Score
    10/10
    persistence

    • Modifies system executable filetype association

      persistence

    • Executes dropped EXE

    • Modifies Installed Components in the registry

      persistence

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Change Default File Association

1
T1042

Registry Run Keys / Startup Folder

2
T1060

Privilege Escalation

Defense Evasion

Modify Registry

3
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks