Overview

overview

8

Static

static

17b8287496...ff.exe

windows7-x64

8

17b8287496...ff.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    17b82874967e1b3bc9989f09a266ce0ccf47ddf4fa30d5da90e63cf8afe1ebff

  • Size

    108KB

  • Sample

    221125-e5ln1sbe57

  • MD5

    da5a8845b4acd35c05c1ae46b007a79e

  • SHA1

    feebd3b0aa5dcf83b7bd060b71b004b82206322c

  • SHA256

    17b82874967e1b3bc9989f09a266ce0ccf47ddf4fa30d5da90e63cf8afe1ebff

  • SHA512

    462397d41f17305bf7b2aacaf7d9aaae0b2fc6c7c3c40e66e19c3b6a2d1d0d6f9c54f8a12e8b018548fa94a01cab76c4acb5f7dc1d9d69e6c442d730201a0e8f

  • SSDEEP

    3072:TD+qrKarOANYdtK8lyXEQ2ylf75+VPgt:TCcSla80X/jlN+VP

Score
8/10
persistence

Malware Config

Targets

    • Target

      17b82874967e1b3bc9989f09a266ce0ccf47ddf4fa30d5da90e63cf8afe1ebff

    • Size

      108KB

    • MD5

      da5a8845b4acd35c05c1ae46b007a79e

    • SHA1

      feebd3b0aa5dcf83b7bd060b71b004b82206322c

    • SHA256

      17b82874967e1b3bc9989f09a266ce0ccf47ddf4fa30d5da90e63cf8afe1ebff

    • SHA512

      462397d41f17305bf7b2aacaf7d9aaae0b2fc6c7c3c40e66e19c3b6a2d1d0d6f9c54f8a12e8b018548fa94a01cab76c4acb5f7dc1d9d69e6c442d730201a0e8f

    • SSDEEP

      3072:TD+qrKarOANYdtK8lyXEQ2ylf75+VPgt:TCcSla80X/jlN+VP

    Score
    8/10
    persistence

    • Sets DLL path for service in the registry

      persistence

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks