Overview

overview

8

Static

static

a80ae98cc2...b7.exe

windows7-x64

8

a80ae98cc2...b7.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a80ae98cc229fa8488ddbe1a40432dcc24b9db5ecd9e797973ec3815aa6108b7

  • Size

    807KB

  • Sample

    221128-pz63wadf63

  • MD5

    a34c351089a7d4d50b0315f2fa5ba1ae

  • SHA1

    ddfbbbbf2f18a6cc747a9a560d877d248630ac89

  • SHA256

    a80ae98cc229fa8488ddbe1a40432dcc24b9db5ecd9e797973ec3815aa6108b7

  • SHA512

    b001ec4796fc66e82b6f9227bdf057281d441ed0eb3b7533e91cd560cd51d468127e4a17ad51011043239a23c7b023a53a200cc266b15d880bc07de77736f1c3

  • SSDEEP

    24576:dFU3XZISMSND63ZI0+TCtG3DlF8UnPhJArv7XEYGG:WMSNOZI0iJZXADuG

Score
8/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      a80ae98cc229fa8488ddbe1a40432dcc24b9db5ecd9e797973ec3815aa6108b7

    • Size

      807KB

    • MD5

      a34c351089a7d4d50b0315f2fa5ba1ae

    • SHA1

      ddfbbbbf2f18a6cc747a9a560d877d248630ac89

    • SHA256

      a80ae98cc229fa8488ddbe1a40432dcc24b9db5ecd9e797973ec3815aa6108b7

    • SHA512

      b001ec4796fc66e82b6f9227bdf057281d441ed0eb3b7533e91cd560cd51d468127e4a17ad51011043239a23c7b023a53a200cc266b15d880bc07de77736f1c3

    • SSDEEP

      24576:dFU3XZISMSND63ZI0+TCtG3DlF8UnPhJArv7XEYGG:WMSNOZI0iJZXADuG

    Score
    8/10
    evasionpersistencetrojan

    • Executes dropped EXE

    • Registers COM server for autorun

      persistence

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks