Overview

overview

8

Static

static

a9fd3c4ad0...4a.exe

windows7-x64

8

a9fd3c4ad0...4a.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a9fd3c4ad086d2a5d0584f22ed2f6187c7003d7520ab677e4cf93507ed31624a

  • Size

    95KB

  • Sample

    221204-1ckf5sgd73

  • MD5

    51b4f33d3a13403c2f2f60b02fe127e2

  • SHA1

    788b7c1ae6e2d67497c4f2f1212166bf2717a4f7

  • SHA256

    a9fd3c4ad086d2a5d0584f22ed2f6187c7003d7520ab677e4cf93507ed31624a

  • SHA512

    77b5a01ccc61774d945d67f4fd9c6f0d166614f7d731d1833d8c568b5f6938d9d1464746f94d118ef85c873aa487c1a0641242096516486c8a7bba9fa05efa00

  • SSDEEP

    1536:9YBlPPC+5+OI7lFvHJkoEEEESvhhGz8cgKdmDOy3s8aS+GaS+y/8VQQjTqdwrP1q:9YBx5+hFvpQhKdq881/17/aTjTqarP1q

Score
8/10
persistence

Malware Config

Targets

    • Target

      a9fd3c4ad086d2a5d0584f22ed2f6187c7003d7520ab677e4cf93507ed31624a

    • Size

      95KB

    • MD5

      51b4f33d3a13403c2f2f60b02fe127e2

    • SHA1

      788b7c1ae6e2d67497c4f2f1212166bf2717a4f7

    • SHA256

      a9fd3c4ad086d2a5d0584f22ed2f6187c7003d7520ab677e4cf93507ed31624a

    • SHA512

      77b5a01ccc61774d945d67f4fd9c6f0d166614f7d731d1833d8c568b5f6938d9d1464746f94d118ef85c873aa487c1a0641242096516486c8a7bba9fa05efa00

    • SSDEEP

      1536:9YBlPPC+5+OI7lFvHJkoEEEESvhhGz8cgKdmDOy3s8aS+GaS+y/8VQQjTqdwrP1q:9YBx5+hFvpQhKdq881/17/aTjTqarP1q

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks