Overview

overview

8

Static

static

8

e4a107ad4d...18.exe

windows7-x64

8

e4a107ad4d...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e4a107ad4da57865e1f6ae2aca4b583d2b5af6d6fc339875aea6aa2036bd0a18

  • Size

    952KB

  • Sample

    221127-dbjrwshc5y

  • MD5

    c0da389f251c8999145ac74a5623b953

  • SHA1

    8c13c232d90d8cce78b289794ca816ebe11dfdf7

  • SHA256

    e4a107ad4da57865e1f6ae2aca4b583d2b5af6d6fc339875aea6aa2036bd0a18

  • SHA512

    14c875f80a0856eb1b7e22aa78a0a3e44b505ec5a126df171a0193c4568d1665efc22191fcfbb903822c4a73bd09b9f458bfa21da49483b746165a8c8c8788f5

  • SSDEEP

    12288:oyELQDEI04EAihYHfXDc3pW0MIVABeTQLvGIUgm0mVd9Z:9ELQpYac3pW0P6Be0L+9gm0GdH

Score
8/10
microsoftpersistencephishingupx

Malware Config

Targets

    • Target

      e4a107ad4da57865e1f6ae2aca4b583d2b5af6d6fc339875aea6aa2036bd0a18

    • Size

      952KB

    • MD5

      c0da389f251c8999145ac74a5623b953

    • SHA1

      8c13c232d90d8cce78b289794ca816ebe11dfdf7

    • SHA256

      e4a107ad4da57865e1f6ae2aca4b583d2b5af6d6fc339875aea6aa2036bd0a18

    • SHA512

      14c875f80a0856eb1b7e22aa78a0a3e44b505ec5a126df171a0193c4568d1665efc22191fcfbb903822c4a73bd09b9f458bfa21da49483b746165a8c8c8788f5

    • SSDEEP

      12288:oyELQDEI04EAihYHfXDc3pW0MIVABeTQLvGIUgm0mVd9Z:9ELQpYac3pW0P6Be0L+9gm0GdH

    Score
    8/10
    upxmicrosoftpersistencephishing

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks