Overview

overview

10

Static

static

3

0a792f9b41...e9.exe

windows7-x64

10

0a792f9b41...e9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0a792f9b412276ed2789c5d1b1bfdfe9.exe

  • Size

    64KB

  • Sample

    231206-xvw14scb22

  • MD5

    0a792f9b412276ed2789c5d1b1bfdfe9

  • SHA1

    e6fb4ddbb767fce785ff3e0982262910b79bfb93

  • SHA256

    13f556bc55f1abdb12f197dd236315ba78af0e564e2ecd983d5b742be3de160b

  • SHA512

    a999364bc9da6e7ce7242e2d5652b9e68babc7c746ac74fe4cfdd7c871337bf3fd959030c3dade6722c70db1d51efa8893b7080d591d66a1ce9688c695baa3e5

  • SSDEEP

    768:wNwvLKmJ0UegvP5e2sTqrX4WWRb2LxG3mcl9J24eN2p/1H55Xdnh0Usb0DWB:w8tekebTw4WWN24mWMN2LBrDWB

Score
10/10
persistence

Malware Config

Targets

    • Target

      0a792f9b412276ed2789c5d1b1bfdfe9.exe

    • Size

      64KB

    • MD5

      0a792f9b412276ed2789c5d1b1bfdfe9

    • SHA1

      e6fb4ddbb767fce785ff3e0982262910b79bfb93

    • SHA256

      13f556bc55f1abdb12f197dd236315ba78af0e564e2ecd983d5b742be3de160b

    • SHA512

      a999364bc9da6e7ce7242e2d5652b9e68babc7c746ac74fe4cfdd7c871337bf3fd959030c3dade6722c70db1d51efa8893b7080d591d66a1ce9688c695baa3e5

    • SSDEEP

      768:wNwvLKmJ0UegvP5e2sTqrX4WWRb2LxG3mcl9J24eN2p/1H55Xdnh0Usb0DWB:w8tekebTw4WWN24mWMN2LBrDWB

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks