Overview

overview

8

Static

static

cbd1d3a426...27.exe

windows7-x64

8

cbd1d3a426...27.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cbd1d3a426e0f70bf087ef33ce3ce3a54c47f79b11c8a045c742d64fae53da27

  • Size

    196KB

  • Sample

    221128-rwlnwaef8v

  • MD5

    9779201319cb781619e34fb60e456d46

  • SHA1

    15e643a3d23a62cac36ec4f1e02f1bee573847a1

  • SHA256

    cbd1d3a426e0f70bf087ef33ce3ce3a54c47f79b11c8a045c742d64fae53da27

  • SHA512

    44e6dd958118e3634b97ceba75d01cd1db3098a686e04e58223b619a90a5fe3b2bbd365a190e5a3c18cfb4254e37917c1f8a20ef0c0e9a5aef73c8339bf22e74

  • SSDEEP

    3072:JxrJOfxfkksCmh/yG+1vIebEBCiy+7aLyIVJochcCTpiwe9El8906uqMkeheqX8:JDOfxMBQ1EBCC+LroHCTcT906pehz8

Score
8/10
persistence

Malware Config

Targets

    • Target

      cbd1d3a426e0f70bf087ef33ce3ce3a54c47f79b11c8a045c742d64fae53da27

    • Size

      196KB

    • MD5

      9779201319cb781619e34fb60e456d46

    • SHA1

      15e643a3d23a62cac36ec4f1e02f1bee573847a1

    • SHA256

      cbd1d3a426e0f70bf087ef33ce3ce3a54c47f79b11c8a045c742d64fae53da27

    • SHA512

      44e6dd958118e3634b97ceba75d01cd1db3098a686e04e58223b619a90a5fe3b2bbd365a190e5a3c18cfb4254e37917c1f8a20ef0c0e9a5aef73c8339bf22e74

    • SSDEEP

      3072:JxrJOfxfkksCmh/yG+1vIebEBCiy+7aLyIVJochcCTpiwe9El8906uqMkeheqX8:JDOfxMBQ1EBCC+LroHCTcT906pehz8

    Score
    8/10
    persistence

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

3
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks