Overview

overview

7

Static

static

1

16d7baed4a...2e.exe

windows7-x64

7

16d7baed4a...2e.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    16d7baed4ab92c3f84891522bcaf652e

  • Size

    853KB

  • Sample

    231230-naefwshbg3

  • MD5

    16d7baed4ab92c3f84891522bcaf652e

  • SHA1

    c37368cf415aaafc5c917bff3c5a1596c32f99d5

  • SHA256

    6d276520ce668eed980491aa05cfc6505d77c8310cd6bf14314c87b330efbf7c

  • SHA512

    a6296d9f376f696b5a1499698b87a8889fa7294e952e5044c85ecac39bf963db5a2c335110f041af05ac766563fb26265955b1c8223f4aefcb4dce323ee40d24

  • SSDEEP

    24576:/vaxihdAxgq4kBbOrtJMJ/swP61dPX83tD:/vmRSiKodfPoPsl

Score
7/10
discovery

Malware Config

Targets

    • Target

      16d7baed4ab92c3f84891522bcaf652e

    • Size

      853KB

    • MD5

      16d7baed4ab92c3f84891522bcaf652e

    • SHA1

      c37368cf415aaafc5c917bff3c5a1596c32f99d5

    • SHA256

      6d276520ce668eed980491aa05cfc6505d77c8310cd6bf14314c87b330efbf7c

    • SHA512

      a6296d9f376f696b5a1499698b87a8889fa7294e952e5044c85ecac39bf963db5a2c335110f041af05ac766563fb26265955b1c8223f4aefcb4dce323ee40d24

    • SSDEEP

      24576:/vaxihdAxgq4kBbOrtJMJ/swP61dPX83tD:/vmRSiKodfPoPsl

    Score
    7/10
    discovery

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks