Overview

overview

8

Static

static

bf571915c8...9e.exe

windows7-x64

8

bf571915c8...9e.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bf571915c8fe6a42a84e27f7a22cbc0be058b2eaedaab41e6f6c64d51c45b79e

  • Size

    807KB

  • Sample

    221127-t31gqaca35

  • MD5

    f2e92d3bb65d8161c1c4017a85342bb9

  • SHA1

    7596dbee6667983be8814247cbe6280c24aa6275

  • SHA256

    bf571915c8fe6a42a84e27f7a22cbc0be058b2eaedaab41e6f6c64d51c45b79e

  • SHA512

    8b749b9344b46953143f9d43d40685cf04638c0f5c036a1e079a7c20af5a75ae1d56e9ebd9f0529b0e595c445f5e789fd82f0ff0cd9e5c5362041750bc44d566

  • SSDEEP

    24576:dFU3XZISMSND63ZB5/ykMogeslYN1agUTB9IpeE/MVj:WMSNOZ3JNslYN4gU5

Score
8/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      bf571915c8fe6a42a84e27f7a22cbc0be058b2eaedaab41e6f6c64d51c45b79e

    • Size

      807KB

    • MD5

      f2e92d3bb65d8161c1c4017a85342bb9

    • SHA1

      7596dbee6667983be8814247cbe6280c24aa6275

    • SHA256

      bf571915c8fe6a42a84e27f7a22cbc0be058b2eaedaab41e6f6c64d51c45b79e

    • SHA512

      8b749b9344b46953143f9d43d40685cf04638c0f5c036a1e079a7c20af5a75ae1d56e9ebd9f0529b0e595c445f5e789fd82f0ff0cd9e5c5362041750bc44d566

    • SSDEEP

      24576:dFU3XZISMSND63ZB5/ykMogeslYN1agUTB9IpeE/MVj:WMSNOZ3JNslYN4gU5

    Score
    8/10
    evasionpersistencetrojan

    • Executes dropped EXE

    • Registers COM server for autorun

      persistence

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks