Overview

overview

10

Static

static

3

e9f92e21ff...17.exe

windows7-x64

1

e9f92e21ff...17.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e9f92e21ff495d59f7370c31abb60c17.exe

  • Size

    192KB

  • Sample

    231206-x3cbnscc68

  • MD5

    e9f92e21ff495d59f7370c31abb60c17

  • SHA1

    62551b026a46adab53fca50fe6ae6b605b57815b

  • SHA256

    e446406c2e9fb5e4354343a661c3d9f50bdb5364c3734e43869773cc5581c5ec

  • SHA512

    231abd1d63d02cb1cf47a9ae0e5e99c89cb63a1afebc2875ab136ef0fc7f4d05fbc2c7f3d625516a934e4d23871efbc519be5825cbbceed8b399b51ad13f1a78

  • SSDEEP

    3072:Sl98g+caIFjCdGp+sdGF4nGsIGkhmhFi4pFm5fUUUUUUUUsBp+sdGF4nGsIGkhm:M+01CdG4sECIGkhmhzp0xUUUUUUUUsBB

Score
10/10
persistence

Malware Config

Targets

    • Target

      e9f92e21ff495d59f7370c31abb60c17.exe

    • Size

      192KB

    • MD5

      e9f92e21ff495d59f7370c31abb60c17

    • SHA1

      62551b026a46adab53fca50fe6ae6b605b57815b

    • SHA256

      e446406c2e9fb5e4354343a661c3d9f50bdb5364c3734e43869773cc5581c5ec

    • SHA512

      231abd1d63d02cb1cf47a9ae0e5e99c89cb63a1afebc2875ab136ef0fc7f4d05fbc2c7f3d625516a934e4d23871efbc519be5825cbbceed8b399b51ad13f1a78

    • SSDEEP

      3072:Sl98g+caIFjCdGp+sdGF4nGsIGkhmhFi4pFm5fUUUUUUUUsBp+sdGF4nGsIGkhm:M+01CdG4sECIGkhmhzp0xUUUUUUUUsBB

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks