Overview

overview

8

Static

static

ec4f980e85...8c.exe

windows7-x64

8

ec4f980e85...8c.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ec4f980e85c6dff0ec59f072e4c947d26224880e0608add7b1093d377ddb688c

  • Size

    52KB

  • Sample

    221127-tmqycaec9s

  • MD5

    1086feb027e9f24eece15b2af685711e

  • SHA1

    9558a592f1b8ca6cafc989fb68a0e2e8bd5e2824

  • SHA256

    ec4f980e85c6dff0ec59f072e4c947d26224880e0608add7b1093d377ddb688c

  • SHA512

    39a960bb5be3dba71f8dfd910e92f6e1294231efbaf11d3e3c6aac08c44dd966ba60d4903c3d464bedb7109f6d55b16e6dde9be241c3d7951170555be90f48d4

  • SSDEEP

    768:OxZ2sfbsZPQGb4ZGXGJpxf/dkUXKPu8o2AHjlJnJ8rda9YOg1/F:OxkqMd4ZG2J7tBXKPu892jl8rQ9+

Score
8/10
persistence

Malware Config

Targets

    • Target

      ec4f980e85c6dff0ec59f072e4c947d26224880e0608add7b1093d377ddb688c

    • Size

      52KB

    • MD5

      1086feb027e9f24eece15b2af685711e

    • SHA1

      9558a592f1b8ca6cafc989fb68a0e2e8bd5e2824

    • SHA256

      ec4f980e85c6dff0ec59f072e4c947d26224880e0608add7b1093d377ddb688c

    • SHA512

      39a960bb5be3dba71f8dfd910e92f6e1294231efbaf11d3e3c6aac08c44dd966ba60d4903c3d464bedb7109f6d55b16e6dde9be241c3d7951170555be90f48d4

    • SSDEEP

      768:OxZ2sfbsZPQGb4ZGXGJpxf/dkUXKPu8o2AHjlJnJ8rda9YOg1/F:OxkqMd4ZG2J7tBXKPu892jl8rQ9+

    Score
    8/10
    persistence

    • Blocklisted process makes network request

    • Sets DLL path for service in the registry

      persistence

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks