Overview

overview

10

Static

static

3

330906383f...d0.exe

windows7-x64

10

330906383f...d0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    330906383fb9efee68749cf41b0d11d0.exe

  • Size

    194KB

  • Sample

    231206-xqtp7aca54

  • MD5

    330906383fb9efee68749cf41b0d11d0

  • SHA1

    64c84defbcfaf45756efad2d29eb04ea093c5be1

  • SHA256

    81b58c0e7a969eceede9856ed73418e8701d53bd67aaeb0c377cee3512c252eb

  • SHA512

    27236466fbd86e614c7454e31ad1e8fae699297336713a5f0df2799eb91dbbc9ad15340f5619666f9a275f1f2bf4a94c7e7814f7fbfbe2b804dd6ab7fd72c226

  • SSDEEP

    3072:Lh8pYKibwm3oYQ8eTgu+tAcrbFAJc+RsUi1aVDkOvhJjvJ+uFli55p1:Lh8pYKibwmroCrtMsQBvli

Score
10/10
persistence

Malware Config

Targets

    • Target

      330906383fb9efee68749cf41b0d11d0.exe

    • Size

      194KB

    • MD5

      330906383fb9efee68749cf41b0d11d0

    • SHA1

      64c84defbcfaf45756efad2d29eb04ea093c5be1

    • SHA256

      81b58c0e7a969eceede9856ed73418e8701d53bd67aaeb0c377cee3512c252eb

    • SHA512

      27236466fbd86e614c7454e31ad1e8fae699297336713a5f0df2799eb91dbbc9ad15340f5619666f9a275f1f2bf4a94c7e7814f7fbfbe2b804dd6ab7fd72c226

    • SSDEEP

      3072:Lh8pYKibwm3oYQ8eTgu+tAcrbFAJc+RsUi1aVDkOvhJjvJ+uFli55p1:Lh8pYKibwmroCrtMsQBvli

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks