Overview

overview

10

Static

static

10

afb5ed5581...18.exe

windows7-x64

8

afb5ed5581...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    afb5ed55814603b7777e86f6fef55bca6475519ee34cfdcd9818b68224fbc018

  • Size

    45KB

  • Sample

    221125-h3epgadh2v

  • MD5

    7dd124e940276e4d5696c6d9c740ee7a

  • SHA1

    bf9c16d4c2fec8a43a335ada494e44e71ac9cfec

  • SHA256

    afb5ed55814603b7777e86f6fef55bca6475519ee34cfdcd9818b68224fbc018

  • SHA512

    6f687f2ead89d5bb4c86c26fd235201a5946f1883defe33ae2096be6f1babbc1c4214ef10862a691f007b2a0347d00695b8cf6f0fbdf2b0fba660331463ccc3e

  • SSDEEP

    768:I8LmHwX5t+cPOXSeBGt0L8QA0LqSbpex2rcUdtPR1AxZmy:IsftPOXSkM2Rbpepb

Score
10/10
njratevasionpersistence

Malware Config

Targets

    • Target

      afb5ed55814603b7777e86f6fef55bca6475519ee34cfdcd9818b68224fbc018

    • Size

      45KB

    • MD5

      7dd124e940276e4d5696c6d9c740ee7a

    • SHA1

      bf9c16d4c2fec8a43a335ada494e44e71ac9cfec

    • SHA256

      afb5ed55814603b7777e86f6fef55bca6475519ee34cfdcd9818b68224fbc018

    • SHA512

      6f687f2ead89d5bb4c86c26fd235201a5946f1883defe33ae2096be6f1babbc1c4214ef10862a691f007b2a0347d00695b8cf6f0fbdf2b0fba660331463ccc3e

    • SSDEEP

      768:I8LmHwX5t+cPOXSeBGt0L8QA0LqSbpex2rcUdtPR1AxZmy:IsftPOXSkM2Rbpepb

    Score
    8/10
    evasionpersistence

    • Modifies Windows Firewall

      evasion

    • Drops startup file

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks