Overview

overview

8

Static

static

3

0918f2c762...ff.exe

windows7-x64

0918f2c762...ff.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    0918f2c7625ade8c68cfa3f83ada1cff

  • Size

    692KB

  • Sample

    231230-a6x18afad2

  • MD5

    0918f2c7625ade8c68cfa3f83ada1cff

  • SHA1

    897eccd9e4b2c85b7b31bee7ff0b25100bafe747

  • SHA256

    cde02e5509ea2c706f1b835f72e997e6e02bed8599a3bc59c10ba973ed726d6b

  • SHA512

    088db5317f6569bf2d89ce80c47c79a24a2c280d3f599f2c50c53643d03b3f8f956df0526255c902a1d12d68693558782ab148c6e97d49d7fb9663f5905aa87c

  • SSDEEP

    12288:VYXJkWHSEFECIuFC9Qn0usEWmbqkc6oJNq:V02WHXxV0uvS6oX

Score
8/10
discoveryevasiontrojan

Malware Config

Targets

    • Target

      0918f2c7625ade8c68cfa3f83ada1cff

    • Size

      692KB

    • MD5

      0918f2c7625ade8c68cfa3f83ada1cff

    • SHA1

      897eccd9e4b2c85b7b31bee7ff0b25100bafe747

    • SHA256

      cde02e5509ea2c706f1b835f72e997e6e02bed8599a3bc59c10ba973ed726d6b

    • SHA512

      088db5317f6569bf2d89ce80c47c79a24a2c280d3f599f2c50c53643d03b3f8f956df0526255c902a1d12d68693558782ab148c6e97d49d7fb9663f5905aa87c

    • SSDEEP

      12288:VYXJkWHSEFECIuFC9Qn0usEWmbqkc6oJNq:V02WHXxV0uvS6oX

    Score
    8/10
    discoveryevasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks