Overview

overview

8

Static

static

1

21a1528a3f...41.exe

windows7-x64

8

21a1528a3f...41.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21a1528a3f1c32e8590f0aad0e6fdd44360efb56c220277a8fb5983790628a41

  • Size

    284KB

  • Sample

    221127-t5wasacb48

  • MD5

    e9f606b91b40aa7cfd2714e06515d50c

  • SHA1

    8f547dc6f44ac4652d8a8e819931fd73856ae674

  • SHA256

    21a1528a3f1c32e8590f0aad0e6fdd44360efb56c220277a8fb5983790628a41

  • SHA512

    5044710eca60fd71dd6a408b43975838b1f5e8839576cb01cf13a44fb6af7a14c5319e13b3b505644a7ad806a51a15fe79ba5c032b1dcb505c1fab08cd405ff0

  • SSDEEP

    3072:2gXdZt9P6D3XJ+XcUnTFWoFjGYkOPOZFZ5KuWzsCi3ZhkP+YT6erSvy4rUhwRnl:2e34EMUTYoHkWkFZUuWzA3MWYT+vy4hl

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      21a1528a3f1c32e8590f0aad0e6fdd44360efb56c220277a8fb5983790628a41

    • Size

      284KB

    • MD5

      e9f606b91b40aa7cfd2714e06515d50c

    • SHA1

      8f547dc6f44ac4652d8a8e819931fd73856ae674

    • SHA256

      21a1528a3f1c32e8590f0aad0e6fdd44360efb56c220277a8fb5983790628a41

    • SHA512

      5044710eca60fd71dd6a408b43975838b1f5e8839576cb01cf13a44fb6af7a14c5319e13b3b505644a7ad806a51a15fe79ba5c032b1dcb505c1fab08cd405ff0

    • SSDEEP

      3072:2gXdZt9P6D3XJ+XcUnTFWoFjGYkOPOZFZ5KuWzsCi3ZhkP+YT6erSvy4rUhwRnl:2e34EMUTYoHkWkFZUuWzA3MWYT+vy4hl

    Score
    8/10
    discoverypersistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks