Overview

overview

10

Static

static

6e1876f992...ab.exe

windows7-x64

10

6e1876f992...ab.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6e1876f992220997545f694fabb9720697e1af01452d2468d34cd08e5133afab

  • Size

    55KB

  • Sample

    221125-pwl9asha52

  • MD5

    d85b27367fe2525cfe48e852620dc23b

  • SHA1

    2c5aa228883fe2e19c02577b4acd1ef3927b8da5

  • SHA256

    6e1876f992220997545f694fabb9720697e1af01452d2468d34cd08e5133afab

  • SHA512

    8900067072a030d44c416f2e3593bed848425d6c221e7ec022fb0ed12dd1604542ea2a0b666ee3ddeae4b924ca96b356962965dbebbc1ded84740b40f289d9e5

  • SSDEEP

    768:FP7HulHnyozBT0HmZ5Gz396lpC2TwTp0Uq3acFzKD3RlY4cIL0b+28z+g:l7O1yo11ZUAlpHEXqqcFeI4cItig

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      6e1876f992220997545f694fabb9720697e1af01452d2468d34cd08e5133afab

    • Size

      55KB

    • MD5

      d85b27367fe2525cfe48e852620dc23b

    • SHA1

      2c5aa228883fe2e19c02577b4acd1ef3927b8da5

    • SHA256

      6e1876f992220997545f694fabb9720697e1af01452d2468d34cd08e5133afab

    • SHA512

      8900067072a030d44c416f2e3593bed848425d6c221e7ec022fb0ed12dd1604542ea2a0b666ee3ddeae4b924ca96b356962965dbebbc1ded84740b40f289d9e5

    • SSDEEP

      768:FP7HulHnyozBT0HmZ5Gz396lpC2TwTp0Uq3acFzKD3RlY4cIL0b+28z+g:l7O1yo11ZUAlpHEXqqcFeI4cItig

    Score
    10/10
    evasionpersistencetrojan

    • UAC bypass

      evasiontrojan

    • Adds policy Run key to start application

      persistence

    • Blocklisted process makes network request

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks