Overview

overview

8

Static

static

436f62d38d...01.exe

windows7-x64

8

436f62d38d...01.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    436f62d38d0de6a0e2b4280cc3dc2264791757b47da6b86467f0cd682cad6701

  • Size

    3.4MB

  • Sample

    221125-2nmlbafd2v

  • MD5

    8892eb7c0ba4e0c20816f5ce0f86a9dc

  • SHA1

    15b8c189360dc509e5dde7666ea96964086b13ab

  • SHA256

    436f62d38d0de6a0e2b4280cc3dc2264791757b47da6b86467f0cd682cad6701

  • SHA512

    46c65d9e01da4d67e2b2e0306f571e13314edea07cf331dbb4f2f3d123154df156a3b9907525436465749bf7246ee01cfc4b6ca6bf05009c809d86b1ace76342

  • SSDEEP

    98304:c3yobVyq03fv0oKATM6A/7zf8iEFb1OL6PVgNZzO:eyey13EoXM68vHO5fPeNZy

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      436f62d38d0de6a0e2b4280cc3dc2264791757b47da6b86467f0cd682cad6701

    • Size

      3.4MB

    • MD5

      8892eb7c0ba4e0c20816f5ce0f86a9dc

    • SHA1

      15b8c189360dc509e5dde7666ea96964086b13ab

    • SHA256

      436f62d38d0de6a0e2b4280cc3dc2264791757b47da6b86467f0cd682cad6701

    • SHA512

      46c65d9e01da4d67e2b2e0306f571e13314edea07cf331dbb4f2f3d123154df156a3b9907525436465749bf7246ee01cfc4b6ca6bf05009c809d86b1ace76342

    • SSDEEP

      98304:c3yobVyq03fv0oKATM6A/7zf8iEFb1OL6PVgNZzO:eyey13EoXM68vHO5fPeNZy

    Score
    8/10
    discoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks