Overview

overview

10

Static

static

c8a7af2d91...98.exe

windows7-x64

10

c8a7af2d91...98.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c8a7af2d91f1b22cc8bc59070e246f6d7bd1a91a45d9729db3a373fb6ce4b198

  • Size

    45KB

  • Sample

    221126-kx2yxsff25

  • MD5

    3e70d9a82e68af43f27dbde3a7492490

  • SHA1

    4e46ebea70e6fbecdba8d274daeb43f9b9bdf9f3

  • SHA256

    c8a7af2d91f1b22cc8bc59070e246f6d7bd1a91a45d9729db3a373fb6ce4b198

  • SHA512

    5e0aed6c743535aba1470149da064f9a9cd18d57202479cc552181687969fd2949a438f74358a0ac63c053ef7fdb6c38040660cfbd078f73ac6ac07e89e9c1b6

  • SSDEEP

    768:XZwb9TV5ZDzu83AqN1LZNneGcRnks/iaeS9rmJIga9/U/1H5:XZwb9TvZ3wqnL67RnkMVmeq

Score
10/10
persistence

Malware Config

Targets

    • Target

      c8a7af2d91f1b22cc8bc59070e246f6d7bd1a91a45d9729db3a373fb6ce4b198

    • Size

      45KB

    • MD5

      3e70d9a82e68af43f27dbde3a7492490

    • SHA1

      4e46ebea70e6fbecdba8d274daeb43f9b9bdf9f3

    • SHA256

      c8a7af2d91f1b22cc8bc59070e246f6d7bd1a91a45d9729db3a373fb6ce4b198

    • SHA512

      5e0aed6c743535aba1470149da064f9a9cd18d57202479cc552181687969fd2949a438f74358a0ac63c053ef7fdb6c38040660cfbd078f73ac6ac07e89e9c1b6

    • SSDEEP

      768:XZwb9TV5ZDzu83AqN1LZNneGcRnks/iaeS9rmJIga9/U/1H5:XZwb9TvZ3wqnL67RnkMVmeq

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks