Overview

overview

7

Static

static

16dd30bc31...26.exe

windows7-x64

7

16dd30bc31...26.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    16dd30bc3187e0027b35c468a4838a4db135ac28aed4d0e4eb5aeaa0530e7426

  • Size

    282KB

  • Sample

    221125-f5pakshb9t

  • MD5

    572540a337ad063e789274532cbe9132

  • SHA1

    1f36c5c0ce67f9fe9dd1cd716ab4e6058734955d

  • SHA256

    16dd30bc3187e0027b35c468a4838a4db135ac28aed4d0e4eb5aeaa0530e7426

  • SHA512

    24810cc3a63153a5839c2d7e1de4b9f9d51a8f19363482f8a716d34c5f6e21e11a54abf6e17935c0a06d92e82afc07a053c52416052f09fd5e5745fcf8d9abfa

  • SSDEEP

    6144:62DRZVcMcpBrucMhrndQqAgKnef8AnA3n/LbFP1Z3s9B7txu8udmSr/:6cguRT1gRN1tsPBHSr

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      16dd30bc3187e0027b35c468a4838a4db135ac28aed4d0e4eb5aeaa0530e7426

    • Size

      282KB

    • MD5

      572540a337ad063e789274532cbe9132

    • SHA1

      1f36c5c0ce67f9fe9dd1cd716ab4e6058734955d

    • SHA256

      16dd30bc3187e0027b35c468a4838a4db135ac28aed4d0e4eb5aeaa0530e7426

    • SHA512

      24810cc3a63153a5839c2d7e1de4b9f9d51a8f19363482f8a716d34c5f6e21e11a54abf6e17935c0a06d92e82afc07a053c52416052f09fd5e5745fcf8d9abfa

    • SSDEEP

      6144:62DRZVcMcpBrucMhrndQqAgKnef8AnA3n/LbFP1Z3s9B7txu8udmSr/:6cguRT1gRN1tsPBHSr

    Score
    7/10
    persistencediscovery

    • Deletes itself

    • Adds Run key to start application

      persistence

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Network Service Scanning

1
T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks