Overview

overview

10

Static

static

10

Sonar.AutoSwitch.zip

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Sonar.AutoSwitch.zip

  • Size

    23MB

  • Sample

    221215-gz5wtabg77

  • MD5

    45aa36c06afe11d5c835f056315b6e55

  • SHA1

    8ff0600fc7fb253c0e53f3d0c6cc10068239988d

  • SHA256

    11268bfe0f8fd833cba169427a75f4e129b7bf9e7dcb105e7f0c9936c8f9e3cf

  • SHA512

    cf57bd04dd1de474fdae6dc15597f8ad4e419962588e1dd5d251e18b8609981ff208116dbba87d7141fabe2b90b88ac76e36cded43542504e0d71434489ff5b6

  • SSDEEP

    393216:03j8rZPP+BKRU68ywqcnpeAVRYd8VYKvkWZp9DlDGL9bIcIwETjb+frDBPEhzL4X:gOZPZz8ocnkAVRYd8VY45ZpOL9bPIw3V

Score
10/10
coreentitypersistence

Malware Config

Targets

    • Target

      Sonar.AutoSwitch.zip

    • Size

      23MB

    • MD5

      45aa36c06afe11d5c835f056315b6e55

    • SHA1

      8ff0600fc7fb253c0e53f3d0c6cc10068239988d

    • SHA256

      11268bfe0f8fd833cba169427a75f4e129b7bf9e7dcb105e7f0c9936c8f9e3cf

    • SHA512

      cf57bd04dd1de474fdae6dc15597f8ad4e419962588e1dd5d251e18b8609981ff208116dbba87d7141fabe2b90b88ac76e36cded43542504e0d71434489ff5b6

    • SSDEEP

      393216:03j8rZPP+BKRU68ywqcnpeAVRYd8VYKvkWZp9DlDGL9bIcIwETjb+frDBPEhzL4X:gOZPZz8ocnkAVRYd8VY45ZpOL9bPIw3V

    Score
    7/10
    persistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Modify Registry

1
T1112

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Tasks