Overview

overview

8

Static

static

856f36aff6...8c.exe

windows7-x64

8

856f36aff6...8c.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    856f36aff6f7267ca34d64a6bbf468d79f0f51a3cd0b3db34141a544bc28fe8c

  • Size

    3.3MB

  • Sample

    221127-t5s6escb46

  • MD5

    b675b8efe6f1a208314ce2d44ef8a677

  • SHA1

    840db3de907bd8ab5f6cad8fc2668b1a534fd56f

  • SHA256

    856f36aff6f7267ca34d64a6bbf468d79f0f51a3cd0b3db34141a544bc28fe8c

  • SHA512

    74b68197cedcb52802b6cf0e2b8333b6082e0fd1cf339b8219a7ea0d9c993edd3755d6eaca2f71856bc65da238b58ea3a867cddc149b388626fba2987194a1b5

  • SSDEEP

    49152:fH6teOGBaqYC0qfqx64BfP1OdUm7oLLHXJxnoG7EbQJZf8q1ZFQ21p4AjS9IqHTF:fHDFYnIV4pNLzvoWQs8q1gop4AjwHTX

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      856f36aff6f7267ca34d64a6bbf468d79f0f51a3cd0b3db34141a544bc28fe8c

    • Size

      3.3MB

    • MD5

      b675b8efe6f1a208314ce2d44ef8a677

    • SHA1

      840db3de907bd8ab5f6cad8fc2668b1a534fd56f

    • SHA256

      856f36aff6f7267ca34d64a6bbf468d79f0f51a3cd0b3db34141a544bc28fe8c

    • SHA512

      74b68197cedcb52802b6cf0e2b8333b6082e0fd1cf339b8219a7ea0d9c993edd3755d6eaca2f71856bc65da238b58ea3a867cddc149b388626fba2987194a1b5

    • SSDEEP

      49152:fH6teOGBaqYC0qfqx64BfP1OdUm7oLLHXJxnoG7EbQJZf8q1ZFQ21p4AjS9IqHTF:fHDFYnIV4pNLzvoWQs8q1gop4AjwHTX

    Score
    8/10
    discoverypersistence

    • Modifies AppInit DLL entries

      persistence

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks