Overview

overview

8

Static

static

4d236c59fd...b5.exe

windows7-x64

8

4d236c59fd...b5.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4d236c59fdc9f216627fc36d778bb91c57a30e5c8b353596d33c3a207cf7a0b5

  • Size

    3.0MB

  • Sample

    221127-tl5ecaec5t

  • MD5

    3eabe0c8fdb9c9504a49a4b254a4ab4a

  • SHA1

    2f31e7fe85a1da78252244d35ef88e9ebd6b8044

  • SHA256

    4d236c59fdc9f216627fc36d778bb91c57a30e5c8b353596d33c3a207cf7a0b5

  • SHA512

    1a76873ab9ad57e8c9c2fe62508e0c00c177c4fea83d950d86f598159915deb0aba28bbc14cc1c356345fc26bc80c6853aab5fdbb7d1179133ef363c564ebf58

  • SSDEEP

    49152:JbcQfgNtugfBlutOkVGGPcDEwi9T/udEizEE5Yji088O2axeUC2KdMX:Jb/EtuellkVGGkDEwi97nizei08v6

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      4d236c59fdc9f216627fc36d778bb91c57a30e5c8b353596d33c3a207cf7a0b5

    • Size

      3.0MB

    • MD5

      3eabe0c8fdb9c9504a49a4b254a4ab4a

    • SHA1

      2f31e7fe85a1da78252244d35ef88e9ebd6b8044

    • SHA256

      4d236c59fdc9f216627fc36d778bb91c57a30e5c8b353596d33c3a207cf7a0b5

    • SHA512

      1a76873ab9ad57e8c9c2fe62508e0c00c177c4fea83d950d86f598159915deb0aba28bbc14cc1c356345fc26bc80c6853aab5fdbb7d1179133ef363c564ebf58

    • SSDEEP

      49152:JbcQfgNtugfBlutOkVGGPcDEwi9T/udEizEE5Yji088O2axeUC2KdMX:Jb/EtuellkVGGkDEwi97nizei08v6

    Score
    8/10
    discoverypersistence

    • Modifies AppInit DLL entries

      persistence

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks