Overview

overview

10

Static

static

3

bb6119b3ec...0b.exe

windows7-x64

10

bb6119b3ec...0b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bb6119b3ec7f3b298b194dcbcaf5ac0b.exe

  • Size

    490KB

  • Sample

    231206-xwferacb34

  • MD5

    bb6119b3ec7f3b298b194dcbcaf5ac0b

  • SHA1

    2859fada566e1dcf1500d1cb7bd52810886b2539

  • SHA256

    8c0a88dd62f569cb09c64042f1ac0e8e415b0ce84785981eab0f12e1ec837ddd

  • SHA512

    71221f11bbc435bfb104600f31c4c0b675676fed5f17e85bfd844a50277d96e04dc01eb04add65622ac348065a3431d167adf847aba21a284862b900696f78ff

  • SSDEEP

    12288:fOAUPUMcA705kWM/9J6gqGBf/sAHZHbgdhgp+1aKbwPLG:5A7pB9/f/saZUde+fSLG

Score
10/10
persistence

Malware Config

Targets

    • Target

      bb6119b3ec7f3b298b194dcbcaf5ac0b.exe

    • Size

      490KB

    • MD5

      bb6119b3ec7f3b298b194dcbcaf5ac0b

    • SHA1

      2859fada566e1dcf1500d1cb7bd52810886b2539

    • SHA256

      8c0a88dd62f569cb09c64042f1ac0e8e415b0ce84785981eab0f12e1ec837ddd

    • SHA512

      71221f11bbc435bfb104600f31c4c0b675676fed5f17e85bfd844a50277d96e04dc01eb04add65622ac348065a3431d167adf847aba21a284862b900696f78ff

    • SSDEEP

      12288:fOAUPUMcA705kWM/9J6gqGBf/sAHZHbgdhgp+1aKbwPLG:5A7pB9/f/saZUde+fSLG

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks