Overview

overview

10

Static

static

a16b624a41...87.exe

windows7-x64

10

a16b624a41...87.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a16b624a41afa3a79997ce14a8aa04fab7238ec6c008c4fdff8a675997ee7587

  • Size

    388KB

  • Sample

    221125-1q1qaacd5y

  • MD5

    a8d6cc7b661482c5be38c38b19156b43

  • SHA1

    3716a78ee38506d2555333dce99ba052325a60ce

  • SHA256

    a16b624a41afa3a79997ce14a8aa04fab7238ec6c008c4fdff8a675997ee7587

  • SHA512

    03291e3fbae671efbf451773bf386eac12d7762f6b0896e36c6aac5145026c25df71934ff379e717e14285ef929c79a19bd71969d779b711d6f53d6b3fc050c5

  • SSDEEP

    12288:fEETDPKgeI8zQJ64ESq52kOetTzll1p14QY:8ObKI8J4Rqf5bl1z4R

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      a16b624a41afa3a79997ce14a8aa04fab7238ec6c008c4fdff8a675997ee7587

    • Size

      388KB

    • MD5

      a8d6cc7b661482c5be38c38b19156b43

    • SHA1

      3716a78ee38506d2555333dce99ba052325a60ce

    • SHA256

      a16b624a41afa3a79997ce14a8aa04fab7238ec6c008c4fdff8a675997ee7587

    • SHA512

      03291e3fbae671efbf451773bf386eac12d7762f6b0896e36c6aac5145026c25df71934ff379e717e14285ef929c79a19bd71969d779b711d6f53d6b3fc050c5

    • SSDEEP

      12288:fEETDPKgeI8zQJ64ESq52kOetTzll1p14QY:8ObKI8J4Rqf5bl1z4R

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Hidden Files and Directories

1
T1158

Modify Registry

3
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks