Overview

overview

8

Static

static

3a62baec08...fb.dll

windows7-x64

8

3a62baec08...fb.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    3a62baec08c03cd3f37e6326a319e12e389f480c62b163a3ccfb918bc84a74fb

  • Size

    1.6MB

  • Sample

    221127-xs3e4sbf86

  • MD5

    1e10c17f1f3b061af6b83028907c22a5

  • SHA1

    f4b88129c504c027374ccc3fe94e48b8c8134784

  • SHA256

    3a62baec08c03cd3f37e6326a319e12e389f480c62b163a3ccfb918bc84a74fb

  • SHA512

    345f657956337a822c327a8f2063049db65fb88fd7bdd6e8ee04cafb1dd3a4c706e7d0701f871655251f13531dc0fae0d9ceb98de6dd955611ae9da6d79959d0

  • SSDEEP

    49152:Cj/GUb7IfZK2ecXjTDIoADndK5m3WjoW:k5IfZ7FjgRdK

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      3a62baec08c03cd3f37e6326a319e12e389f480c62b163a3ccfb918bc84a74fb

    • Size

      1.6MB

    • MD5

      1e10c17f1f3b061af6b83028907c22a5

    • SHA1

      f4b88129c504c027374ccc3fe94e48b8c8134784

    • SHA256

      3a62baec08c03cd3f37e6326a319e12e389f480c62b163a3ccfb918bc84a74fb

    • SHA512

      345f657956337a822c327a8f2063049db65fb88fd7bdd6e8ee04cafb1dd3a4c706e7d0701f871655251f13531dc0fae0d9ceb98de6dd955611ae9da6d79959d0

    • SSDEEP

      49152:Cj/GUb7IfZK2ecXjTDIoADndK5m3WjoW:k5IfZ7FjgRdK

    Score
    8/10
    discoverypersistence

    • Blocklisted process makes network request

    • Modifies AppInit DLL entries

      persistence

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks