Overview

overview

10

Static

static

3

2756c983fc...71.exe

windows7-x64

10

2756c983fc...71.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2756c983fcdfd42b1261fa74bca84971.exe

  • Size

    896KB

  • Sample

    231206-xzrl7acc38

  • MD5

    2756c983fcdfd42b1261fa74bca84971

  • SHA1

    b9d1d91903a8161e7d1b165da2992c164297311b

  • SHA256

    511dce9bd269792976444137a9598d72bc3f0c75d98b78bca99f359535f8dd12

  • SHA512

    e2ccdf003160c5e8ecf39332c1e58d88157b931b789efd7b7d02b04f9a743eaed2bb8fc9840639e744b0fe8a944c49c0d2d5df449f2043378fbd4c571b3e1626

  • SSDEEP

    24576:6BR6Ph2kkkkK4kXkkkkkkkkhLX3a20R0v50+5:IWbazR0vp

Score
10/10
persistence

Malware Config

Targets

    • Target

      2756c983fcdfd42b1261fa74bca84971.exe

    • Size

      896KB

    • MD5

      2756c983fcdfd42b1261fa74bca84971

    • SHA1

      b9d1d91903a8161e7d1b165da2992c164297311b

    • SHA256

      511dce9bd269792976444137a9598d72bc3f0c75d98b78bca99f359535f8dd12

    • SHA512

      e2ccdf003160c5e8ecf39332c1e58d88157b931b789efd7b7d02b04f9a743eaed2bb8fc9840639e744b0fe8a944c49c0d2d5df449f2043378fbd4c571b3e1626

    • SSDEEP

      24576:6BR6Ph2kkkkK4kXkkkkkkkkhLX3a20R0v50+5:IWbazR0vp

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks