Overview

overview

10

Static

static

5

2404a64dc7...e3.exe

windows7-x64

10

2404a64dc7...e3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2404a64dc7eb01e38b3925e5a804f728a2ff0c91ffdad0169b44ffa30310ebe3

  • Size

    1.1MB

  • Sample

    221205-n5c7bagd54

  • MD5

    3eaddb3179329c7da894faceb195e8f7

  • SHA1

    4df9a59f4d8157f08e8668e396993e67b3798adc

  • SHA256

    2404a64dc7eb01e38b3925e5a804f728a2ff0c91ffdad0169b44ffa30310ebe3

  • SHA512

    066ff9953464a020e69a6a4de4ececa2d30236dc3829b16e3965f2b579f21f1613e523f2e3d5b7e8e0b5f458ef4214a49cc8d0fa01e8d7db8617d96aafe56cf7

  • SSDEEP

    24576:KJeJfAqkjp98zHpieToVKkSBcJ9nPx/igrp:geJfAJGpL8VKBsnP8

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      2404a64dc7eb01e38b3925e5a804f728a2ff0c91ffdad0169b44ffa30310ebe3

    • Size

      1.1MB

    • MD5

      3eaddb3179329c7da894faceb195e8f7

    • SHA1

      4df9a59f4d8157f08e8668e396993e67b3798adc

    • SHA256

      2404a64dc7eb01e38b3925e5a804f728a2ff0c91ffdad0169b44ffa30310ebe3

    • SHA512

      066ff9953464a020e69a6a4de4ececa2d30236dc3829b16e3965f2b579f21f1613e523f2e3d5b7e8e0b5f458ef4214a49cc8d0fa01e8d7db8617d96aafe56cf7

    • SSDEEP

      24576:KJeJfAqkjp98zHpieToVKkSBcJ9nPx/igrp:geJfAJGpL8VKBsnP8

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks