Overview

overview

10

Static

static

fe4066548b...8b.exe

windows7-x64

10

fe4066548b...8b.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fe4066548b5b7c39f4248ad7c0b0572ebc3f90494fbf5919a46c2b77b2a7a98b

  • Size

    152KB

  • Sample

    221124-aj78nsef42

  • MD5

    368ac0927921f7aa3bb88ec0eabfe720

  • SHA1

    89c3446e03917a90aa1a9b4b5fcc9cd6053e200f

  • SHA256

    fe4066548b5b7c39f4248ad7c0b0572ebc3f90494fbf5919a46c2b77b2a7a98b

  • SHA512

    bffa31685aead2666c4b48ad2ffb31ec7505ce47fb93a1bc2706fee5ca67b01f64c5370c2ddf0f6fa81930c335742b66e824b27426d5026fdee6dc17f0affe37

  • SSDEEP

    3072:y3s/Yvl3Po5+tTjFqV+t3DRGCKBiAKE4oQZiEBfz:MQ5+t8+NDR5ApWj

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      fe4066548b5b7c39f4248ad7c0b0572ebc3f90494fbf5919a46c2b77b2a7a98b

    • Size

      152KB

    • MD5

      368ac0927921f7aa3bb88ec0eabfe720

    • SHA1

      89c3446e03917a90aa1a9b4b5fcc9cd6053e200f

    • SHA256

      fe4066548b5b7c39f4248ad7c0b0572ebc3f90494fbf5919a46c2b77b2a7a98b

    • SHA512

      bffa31685aead2666c4b48ad2ffb31ec7505ce47fb93a1bc2706fee5ca67b01f64c5370c2ddf0f6fa81930c335742b66e824b27426d5026fdee6dc17f0affe37

    • SSDEEP

      3072:y3s/Yvl3Po5+tTjFqV+t3DRGCKBiAKE4oQZiEBfz:MQ5+t8+NDR5ApWj

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Hidden Files and Directories

1
T1158

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks