Overview

overview

10

Static

static

ecef9c23a5...08.exe

windows7-x64

10

ecef9c23a5...08.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ecef9c23a5de343eba209c43bbad2a521fc403069acddb2a4ce8965404d28e08

  • Size

    140KB

  • Sample

    221203-xtck3sgb74

  • MD5

    34fb496426b66de83257f34239f196eb

  • SHA1

    737f705d32dd3969b2a688da8b8250004a857ea2

  • SHA256

    ecef9c23a5de343eba209c43bbad2a521fc403069acddb2a4ce8965404d28e08

  • SHA512

    97f8f1a9fb6213bcabe5ad186a62e4605ac3f57c5d8f8504c06a4dbf14942f3d8f71bb343b7a5e3fc2d83dae657086030b58faebcec9ae701f337b38c31060fb

  • SSDEEP

    3072:6feOeIStu3NP0glbFhBFtB+oTzgRAQID0puQWO+H29RZvoi5FtbG:6xuANcglbFhBzccFJO+H2lvoi5Ftb

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      ecef9c23a5de343eba209c43bbad2a521fc403069acddb2a4ce8965404d28e08

    • Size

      140KB

    • MD5

      34fb496426b66de83257f34239f196eb

    • SHA1

      737f705d32dd3969b2a688da8b8250004a857ea2

    • SHA256

      ecef9c23a5de343eba209c43bbad2a521fc403069acddb2a4ce8965404d28e08

    • SHA512

      97f8f1a9fb6213bcabe5ad186a62e4605ac3f57c5d8f8504c06a4dbf14942f3d8f71bb343b7a5e3fc2d83dae657086030b58faebcec9ae701f337b38c31060fb

    • SSDEEP

      3072:6feOeIStu3NP0glbFhBFtB+oTzgRAQID0puQWO+H29RZvoi5FtbG:6xuANcglbFhBzccFJO+H2lvoi5Ftb

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies firewall policy service

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks