Overview

overview

8

Static

static

a997f627b9...1c.exe

windows7-x64

8

a997f627b9...1c.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a997f627b9d789ee2bb5700a9f58eba81081e1ea376dc159195d91354d8fc61c

  • Size

    240KB

  • Sample

    221125-h4sbysdh9t

  • MD5

    12819fe1e2657c2fde9c027ec2fa6b85

  • SHA1

    e2b2150c8214c268abbc4dbe71c776190d490bc9

  • SHA256

    a997f627b9d789ee2bb5700a9f58eba81081e1ea376dc159195d91354d8fc61c

  • SHA512

    1dbd5239b559719a4ad438a279653ed1fcb0d9887834842c6f6d88d5ef1ab98e6609e7a31b58e42b392a9937c42317161686fb041372b17a349be724c55d533b

  • SSDEEP

    6144:A+J0Q1PdsbZTHY8Yu3uD2ETjjfoQ7wVqQ3fn8zMHjjCmowyzZDnZ:AaX2HV3wjjfoQ7wVqQ/DjJ1yzJnZ

Score
8/10
persistence

Malware Config

Targets

    • Target

      a997f627b9d789ee2bb5700a9f58eba81081e1ea376dc159195d91354d8fc61c

    • Size

      240KB

    • MD5

      12819fe1e2657c2fde9c027ec2fa6b85

    • SHA1

      e2b2150c8214c268abbc4dbe71c776190d490bc9

    • SHA256

      a997f627b9d789ee2bb5700a9f58eba81081e1ea376dc159195d91354d8fc61c

    • SHA512

      1dbd5239b559719a4ad438a279653ed1fcb0d9887834842c6f6d88d5ef1ab98e6609e7a31b58e42b392a9937c42317161686fb041372b17a349be724c55d533b

    • SSDEEP

      6144:A+J0Q1PdsbZTHY8Yu3uD2ETjjfoQ7wVqQ3fn8zMHjjCmowyzZDnZ:AaX2HV3wjjfoQ7wVqQ/DjJ1yzJnZ

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks