Overview

overview

8

Static

static

05ea276c01...16.exe

windows7-x64

8

05ea276c01...16.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    05ea276c0144c29c5d10d85fe2ccfcbf3aa7840de28197673f6ef6bb21ec6516

  • Size

    3.3MB

  • Sample

    221124-rxstksea5x

  • MD5

    89c997e8e181f2291ab6490d1320f4be

  • SHA1

    65f3c5c98bd31d5dc2d689632ea02b27e497005b

  • SHA256

    05ea276c0144c29c5d10d85fe2ccfcbf3aa7840de28197673f6ef6bb21ec6516

  • SHA512

    b78033f087c9dd1f06c99123cefbcec80e91bd49b50cea44c8f2b5db273c55ed4307c59cc2ec083f6d5cb1fac52dbb1d17ed078034e2cc7ffc2e1becf79558c3

  • SSDEEP

    98304:W3YobVRxj94j/JpY6A7PFLiWg5RxjUZz5:sYeujnY6aIrYZt

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      05ea276c0144c29c5d10d85fe2ccfcbf3aa7840de28197673f6ef6bb21ec6516

    • Size

      3.3MB

    • MD5

      89c997e8e181f2291ab6490d1320f4be

    • SHA1

      65f3c5c98bd31d5dc2d689632ea02b27e497005b

    • SHA256

      05ea276c0144c29c5d10d85fe2ccfcbf3aa7840de28197673f6ef6bb21ec6516

    • SHA512

      b78033f087c9dd1f06c99123cefbcec80e91bd49b50cea44c8f2b5db273c55ed4307c59cc2ec083f6d5cb1fac52dbb1d17ed078034e2cc7ffc2e1becf79558c3

    • SSDEEP

      98304:W3YobVRxj94j/JpY6A7PFLiWg5RxjUZz5:sYeujnY6aIrYZt

    Score
    8/10
    discoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks