General

  • Target

    12b3339c32e011c6dde516812cd137d2

  • Size

    3.6MB

  • Sample

    231224-z5vxxaecgm

  • MD5

    12b3339c32e011c6dde516812cd137d2

  • SHA1

    a8c3b57db050e617d87fefc5d70325c8f2bd2bae

  • SHA256

    0ed1f092e4b47abf04e359bd13d93a6e0a3f8b0fa2f91ae30e30f303c33faccd

  • SHA512

    69e283013b87a54bb121fbd3f4c40e0cd8fa4c8668d18affa63505849ae73080e0f379eb8133906cc39dd7ae6779c479085a4579b6753a90bae042ef1a59ccc1

  • SSDEEP

    98304:nmcXfY53DCmAL+eL/1obDKFP4nGbJYLHFjD+8l1Am:mcWGFL+Q/1obTGbJc+8l7

Score
9/10

Targets

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
