Overview

overview

10

Static

static

Payment.Pd...__.exe

windows7-x64

10

Payment.Pd...__.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    c9b3da0e1b1c68e1332886af250c1b50b70a4f1301ff4058420f96d9f9c5dbf9

  • Size

    83KB

  • Sample

    221127-scrlfsah5x

  • MD5

    0f4f35e06e1862be2d866c25fda02a19

  • SHA1

    bed3a637af842be6d2b373c156337c5ccfa7085a

  • SHA256

    c9b3da0e1b1c68e1332886af250c1b50b70a4f1301ff4058420f96d9f9c5dbf9

  • SHA512

    656899de1706d9acf187cd43be22bb06abde9dcd5796e6c9927c65288d188af4204378f89b22b640f94fb6ee483d54b84d9b182cadb831ae06174a3ad1228cc3

  • SSDEEP

    1536:oifWmvVNfaTJb8P9ywTJGs/MhnslJbg/YBsy4gFBfPltgut:JfL7aTJALws/ltPmtoftz

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      Payment.Pdf_____________________________________________________________.exe

    • Size

      194KB

    • MD5

      bc45757ae73aa50d8333bdadfff59d3a

    • SHA1

      419531f6e82644b8763965e7cc492f2f7889d031

    • SHA256

      aa5712a5c579b52cf84d00c6dac57ed51abab07621208d26b7f2f2eeef649b84

    • SHA512

      7c25a4ef04d4409623a462f6a8a46dc0c16522ff7614054e62ad7017c398823b1fbce5723ef3a237bd3602e3c91d94b4415336504cb3f3d0f0c99d35c8373419

    • SSDEEP

      1536:+vaNgK/WqkUsi8eKJAa+47Vh4vlFpaV7gBe6c/fulTxH0pwYGUIM0oGh8xiB6BG7:2+bJ8eKdlVh4vvS7gBFc/WBnnSK+2/sE

    Score
    10/10
    evasionpersistencetrojan

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • UAC bypass

      evasiontrojan

    • Adds policy Run key to start application

      persistence

    • Blocklisted process makes network request

    • Disables taskbar notifications via registry modification

      evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks