Overview

overview

8

Static

static

8

intimacao.exe

windows7-x64

8

intimacao.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b5960e28ed6eb06ce0ee651687583d6c0c6052e12f39a4641b7f6851921dedc2

  • Size

    363KB

  • Sample

    221124-qyzsvagc93

  • MD5

    863067a20fa6f569bd2f9c1113908504

  • SHA1

    82a43493b3085df7be048f7e13ac251a52e7b7f2

  • SHA256

    b5960e28ed6eb06ce0ee651687583d6c0c6052e12f39a4641b7f6851921dedc2

  • SHA512

    4b51ce7c0b73189bc7f3024674dbadce3502860273305593a4296e1103810423a13ec5c8cd993dada2392432bd8eae62d7fd58b82144630b52693bb4b565b5c7

  • SSDEEP

    6144:CnFxfSQxwuxw68zGzaIbSh9bGkyz3o5nZgZwWFHXZC6zUQplOJOhVUOWityHhyLy:CPqML8XGSXbGk23DJHwwDOJOhVUOTUH7

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      intimacao.exe

    • Size

      388KB

    • MD5

      c40ad25bcac2ad3f01de8f64ffaa4c69

    • SHA1

      e3799250fe2fd791bfbf1d6a7d3369db8f64b2b1

    • SHA256

      d56744e1e09619822ac8c68524cb8311f4f5991fcee8380246cb8beb7a27ec4a

    • SHA512

      f6db04d4427fa159120ff7d3064759e17a7d74474734e572549667006b50a3c548d4071f8ca142be3a03978c69fb5ee3e6163797925e57b47ab16da7c896219d

    • SSDEEP

      12288:TOv5jKhsfoPA+yeVKUCUxP4C902bdRtJJPiKd29XgE:Tq5TfcdHj4fmbEXZ

    Score
    8/10
    persistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks