Overview

overview

10

Static

static

a39ce17363...2a.exe

windows7-x64

10

a39ce17363...2a.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    a39ce17363702591d100864d4cee816a8e80f1660daa451469d4bb7844ba052a

  • Size

    211KB

  • Sample

    221206-yh7grabd9x

  • MD5

    223c682b3d3c759bd9adc9504b4f5310

  • SHA1

    21398b51d045451f7855cc4da4ff60484148ebf8

  • SHA256

    a39ce17363702591d100864d4cee816a8e80f1660daa451469d4bb7844ba052a

  • SHA512

    5984334f43c6af022dc2d475e0de636060c8d20a959cda33de1d59041b5a52a8a66793e4d29651890ea949530b7a1f56bd08c6d4322ed491ffebe91501548588

  • SSDEEP

    3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOXW:Jh8cBzHLRMpZ4d1ZXW

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      a39ce17363702591d100864d4cee816a8e80f1660daa451469d4bb7844ba052a

    • Size

      211KB

    • MD5

      223c682b3d3c759bd9adc9504b4f5310

    • SHA1

      21398b51d045451f7855cc4da4ff60484148ebf8

    • SHA256

      a39ce17363702591d100864d4cee816a8e80f1660daa451469d4bb7844ba052a

    • SHA512

      5984334f43c6af022dc2d475e0de636060c8d20a959cda33de1d59041b5a52a8a66793e4d29651890ea949530b7a1f56bd08c6d4322ed491ffebe91501548588

    • SSDEEP

      3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOXW:Jh8cBzHLRMpZ4d1ZXW

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Executes dropped EXE

    • Modifies Installed Components in the registry

      persistence

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks