Overview

overview

10

Static

static

60a7bb4bb2...80.exe

windows7-x64

10

60a7bb4bb2...80.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    60a7bb4bb245b81e3ca92d849420c30e35f9b5c6488cd1007f7d85e648da5280

  • Size

    157KB

  • Sample

    221206-ag5d1aaf79

  • MD5

    00ee9cad5772885233558397eb377300

  • SHA1

    1b9bca0e4a1a7d758293c22409bd30ae83f6fa57

  • SHA256

    60a7bb4bb245b81e3ca92d849420c30e35f9b5c6488cd1007f7d85e648da5280

  • SHA512

    4fe21e1db86d337712300160797cf67e55977cba4852364ef5fdb2ef15c41da30397648e8260cf20ae834639819684e3c2891486c47af963d6fd0b6ea8814960

  • SSDEEP

    3072:iBC4bd4CQwYz70E2KawoZiKAZ6pbYVyeecaia3R:V4pf4z9cDAZ7sedyB

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      60a7bb4bb245b81e3ca92d849420c30e35f9b5c6488cd1007f7d85e648da5280

    • Size

      157KB

    • MD5

      00ee9cad5772885233558397eb377300

    • SHA1

      1b9bca0e4a1a7d758293c22409bd30ae83f6fa57

    • SHA256

      60a7bb4bb245b81e3ca92d849420c30e35f9b5c6488cd1007f7d85e648da5280

    • SHA512

      4fe21e1db86d337712300160797cf67e55977cba4852364ef5fdb2ef15c41da30397648e8260cf20ae834639819684e3c2891486c47af963d6fd0b6ea8814960

    • SSDEEP

      3072:iBC4bd4CQwYz70E2KawoZiKAZ6pbYVyeecaia3R:V4pf4z9cDAZ7sedyB

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks