Overview

overview

10

Static

static

3

4a4e4b2a29...5a.exe

windows7-x64

10

4a4e4b2a29...5a.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    4a4e4b2a2980a7db173c75bf8f2dd65a

  • Size

    108KB

  • Sample

    231226-b6nyzsecc3

  • MD5

    4a4e4b2a2980a7db173c75bf8f2dd65a

  • SHA1

    9de727ea927695797bf7d0be6faae2d2ecdbb5a5

  • SHA256

    7ddb495a1a3025d2eebcb9403584a1ce39feaf93de87fec8eaee46dd35a61aae

  • SHA512

    f4c0dba77808f065f31331e635953847c5ccb1f985a1dc77bff3334a10e95a2d27fd11c3a9cff99004bf81120e8bd72162343c434b27cdac6e5609575e5a7aca

  • SSDEEP

    3072:EZjurA1K+wde4Rx/Kpxti7r2WYBNHELO/5CHlnD:eV9Vv029N2GGlnD

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      4a4e4b2a2980a7db173c75bf8f2dd65a

    • Size

      108KB

    • MD5

      4a4e4b2a2980a7db173c75bf8f2dd65a

    • SHA1

      9de727ea927695797bf7d0be6faae2d2ecdbb5a5

    • SHA256

      7ddb495a1a3025d2eebcb9403584a1ce39feaf93de87fec8eaee46dd35a61aae

    • SHA512

      f4c0dba77808f065f31331e635953847c5ccb1f985a1dc77bff3334a10e95a2d27fd11c3a9cff99004bf81120e8bd72162343c434b27cdac6e5609575e5a7aca

    • SSDEEP

      3072:EZjurA1K+wde4Rx/Kpxti7r2WYBNHELO/5CHlnD:eV9Vv029N2GGlnD

    Score
    10/10
    evasionpersistence

    • Modifies firewall policy service

      evasion

    • Adds policy Run key to start application

      persistence

    • Sets service image path in registry

      persistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks