Overview

overview

8

Static

static

bedfaf68c4...3c.exe

windows7-x64

8

bedfaf68c4...3c.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bedfaf68c4a2e1dcb5b34612de969abad56ca81391280cc01c4621cc7c138c3c

  • Size

    56KB

  • Sample

    221128-r48tdabd28

  • MD5

    ac24102d53e85c33e5091ea061404fd7

  • SHA1

    4963f62f5e064eb21f6e292ed3380902e661659e

  • SHA256

    bedfaf68c4a2e1dcb5b34612de969abad56ca81391280cc01c4621cc7c138c3c

  • SHA512

    5f1cd4cbed516757e52a2630ca91ccbd87628eb0cc8cbac3e79d45bf1b0975d327d40ee774134feb410a8a635e59ecca911cd5faddb7aa2b707a7982c30fe66d

  • SSDEEP

    1536:qI7MesowLFZTdOwCzzWzDLdl+bLpBeifuUebK:z3sP5ZTdnCzzCDLrcpBeUuRG

Score
8/10
persistence

Malware Config

Targets

    • Target

      bedfaf68c4a2e1dcb5b34612de969abad56ca81391280cc01c4621cc7c138c3c

    • Size

      56KB

    • MD5

      ac24102d53e85c33e5091ea061404fd7

    • SHA1

      4963f62f5e064eb21f6e292ed3380902e661659e

    • SHA256

      bedfaf68c4a2e1dcb5b34612de969abad56ca81391280cc01c4621cc7c138c3c

    • SHA512

      5f1cd4cbed516757e52a2630ca91ccbd87628eb0cc8cbac3e79d45bf1b0975d327d40ee774134feb410a8a635e59ecca911cd5faddb7aa2b707a7982c30fe66d

    • SSDEEP

      1536:qI7MesowLFZTdOwCzzWzDLdl+bLpBeifuUebK:z3sP5ZTdnCzzCDLrcpBeUuRG

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Sets DLL path for service in the registry

      persistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

2
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks