Overview

overview

10

Static

static

3

5518819700...2e.exe

windows7-x64

10

5518819700...2e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    55188197000b1a061db1bfba7f16822e

  • Size

    1.0MB

  • Sample

    231226-fb5epsfceq

  • MD5

    55188197000b1a061db1bfba7f16822e

  • SHA1

    990735e8531f91069fa5ea07f2f6ba20323d1aac

  • SHA256

    59520b6427b4e2ce7a045a01aac3d33586bcf58fee5ec6e912b4e8c60040aa32

  • SHA512

    b6252135b978a32355e21640c1a7b151fbdf896d69bdf00d6e3a214c1084435dd19353d3a74c42528512a50142aa02cc44e30707dadc02b17d8c1804c64de46c

  • SSDEEP

    12288:UZWtI6RkMIerQZb+md4w1UDIerQZb+md4w1UM:UuhaTerQZb+md4wmcerQZb+md4wmM

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      55188197000b1a061db1bfba7f16822e

    • Size

      1.0MB

    • MD5

      55188197000b1a061db1bfba7f16822e

    • SHA1

      990735e8531f91069fa5ea07f2f6ba20323d1aac

    • SHA256

      59520b6427b4e2ce7a045a01aac3d33586bcf58fee5ec6e912b4e8c60040aa32

    • SHA512

      b6252135b978a32355e21640c1a7b151fbdf896d69bdf00d6e3a214c1084435dd19353d3a74c42528512a50142aa02cc44e30707dadc02b17d8c1804c64de46c

    • SSDEEP

      12288:UZWtI6RkMIerQZb+md4w1UDIerQZb+md4w1UM:UuhaTerQZb+md4wmcerQZb+md4wmM

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

      evasion

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks