General

  • Target

    048a23b69e5b9faf913b94ea8f327ab4

  • Size

    424KB

  • Sample

    231229-1ek6fseden

  • MD5

    048a23b69e5b9faf913b94ea8f327ab4

  • SHA1

    ec4eae0b3a074742e8bd5c0007bb9609b33a162e

  • SHA256

    05ab2a3daa837fe21d3cea7782113dbdc239c14cbadfde7d41bfdf35b7bff99d

  • SHA512

    5076393e8c3128156c40619fa0b6b3245bc5d695cc98e8d4e8ae1264a37d860b9ed0d5479f738afe79b3accc38382f655bfccffdfbe492eb9e12eb5b9c8445a9

  • SSDEEP

    6144:UZfec9EbXDk6Rk8K0l+lXDZJfLufs73dOk0XDpNjNOpys8/:UZWtI6Rk6eZJys73dOvXDpNjNe8/

Score
10/10

Targets

    • Target

      048a23b69e5b9faf913b94ea8f327ab4

    Score
    10/10

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
