Overview

overview

8

Static

static

1eca38a96a...b9.exe

windows7-x64

8

1eca38a96a...b9.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1eca38a96ace5d89c4eab9bcd0e0df6cb2f95498466fa16b11b93b05aa8215b9

  • Size

    88KB

  • Sample

    221124-av5a6aaf61

  • MD5

    15e49d6669518123528837daa809f830

  • SHA1

    bb99059337de845366ffba902be439fafcc20d78

  • SHA256

    1eca38a96ace5d89c4eab9bcd0e0df6cb2f95498466fa16b11b93b05aa8215b9

  • SHA512

    934971b4be75026f209ad6045257addca3b41b785a49b0ccedcbcaf0aafaaee7a80787f5ea4dea27a79edb7c50fba99616994a49704c03f7ce836b0d37872780

  • SSDEEP

    1536:atZHJGPKZi+unw3uzV1c02GccppoNr9hTcOujjwGTr0aIiksSaV1K7s:o3GCZi+u93+FPNr9hoOVGToadTug

Score
8/10
persistence

Malware Config

Targets

    • Target

      1eca38a96ace5d89c4eab9bcd0e0df6cb2f95498466fa16b11b93b05aa8215b9

    • Size

      88KB

    • MD5

      15e49d6669518123528837daa809f830

    • SHA1

      bb99059337de845366ffba902be439fafcc20d78

    • SHA256

      1eca38a96ace5d89c4eab9bcd0e0df6cb2f95498466fa16b11b93b05aa8215b9

    • SHA512

      934971b4be75026f209ad6045257addca3b41b785a49b0ccedcbcaf0aafaaee7a80787f5ea4dea27a79edb7c50fba99616994a49704c03f7ce836b0d37872780

    • SSDEEP

      1536:atZHJGPKZi+unw3uzV1c02GccppoNr9hTcOujjwGTr0aIiksSaV1K7s:o3GCZi+u93+FPNr9hoOVGToadTug

    Score
    8/10
    persistence

    • Sets DLL path for service in the registry

      persistence

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks