Overview

overview

8

Static

static

9e93209871...6f.exe

windows7-x64

8

9e93209871...6f.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9e932098717a08b3df7960b94283465b5741a79a6aea9f67b65da759db64cd6f

  • Size

    102KB

  • Sample

    221124-cnq63aec4x

  • MD5

    fc91619e31c1627c4e3261f43db676e4

  • SHA1

    dc43debca4ecb7e92365f7ab099c3e061d6d76b5

  • SHA256

    9e932098717a08b3df7960b94283465b5741a79a6aea9f67b65da759db64cd6f

  • SHA512

    29ce672a30b0c01ef1f569339fb4f1736588568a6a6cd3fd014ba7c6bf5d8f8609dfcfa949026c53ab8958d290f4943fa4213ef85726f77946322cedbcb2c1d7

  • SSDEEP

    1536:DbEJ0TThIy/q4f5bvqJbLAb7U/VMBSAJ93m+nD+pf47jzH:HEJ0HhIy/Bs0UNSJ93vDkQ7H

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      9e932098717a08b3df7960b94283465b5741a79a6aea9f67b65da759db64cd6f

    • Size

      102KB

    • MD5

      fc91619e31c1627c4e3261f43db676e4

    • SHA1

      dc43debca4ecb7e92365f7ab099c3e061d6d76b5

    • SHA256

      9e932098717a08b3df7960b94283465b5741a79a6aea9f67b65da759db64cd6f

    • SHA512

      29ce672a30b0c01ef1f569339fb4f1736588568a6a6cd3fd014ba7c6bf5d8f8609dfcfa949026c53ab8958d290f4943fa4213ef85726f77946322cedbcb2c1d7

    • SSDEEP

      1536:DbEJ0TThIy/q4f5bvqJbLAb7U/VMBSAJ93m+nD+pf47jzH:HEJ0HhIy/Bs0UNSJ93vDkQ7H

    Score
    8/10
    evasionpersistence

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • Drops startup file

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks