Overview

overview

8

Static

static

1

82de6da5a0...26.exe

windows7-x64

8

82de6da5a0...26.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    82de6da5a0e98e6535ec9375679c22a7faf31e200e1cacbb905a3d36736c4f26.exe.zip

  • Size

    481KB

  • Sample

    231231-bhzqksead3

  • MD5

    db7581014d00c8ff9034534a37a7370b

  • SHA1

    2f2b5a10be1f723f2065375fb443ce625939df5a

  • SHA256

    b8cdef86104d3bf23242b8574ab76b0d31a98897cb189090bbce8c62fa18bac8

  • SHA512

    1009b6fa3d7d9a6aca43ec0eab2a42bf525bf2250e6d2ad23b1735f5d4f39574cca2c1ecf6eeb99a533ea3a649350eed03bffabe4c85d38d7ab6efac9419580f

  • SSDEEP

    12288:SKPtqdm2ptYqbWxnnsetfdfnYD8fE4MQl1F:/qdm2pHWxnF5b3F

Score
8/10
persistence

Malware Config

Targets

    • Target

      82de6da5a0e98e6535ec9375679c22a7faf31e200e1cacbb905a3d36736c4f26.exe

    • Size

      514KB

    • MD5

      fd265d88bb9641b04158db462a49f767

    • SHA1

      e2d871ef3c661db795ea8ba87e3d1a985cbc4fe7

    • SHA256

      82de6da5a0e98e6535ec9375679c22a7faf31e200e1cacbb905a3d36736c4f26

    • SHA512

      47318350af7a9956ea4dd0cc6ffb38688a18b68567a2ad09349928a44f4cb44c2193f6474a3613ba1c9535a107d1d663b5b20bdf8a3d99b4ecdfc40adb8d3930

    • SSDEEP

      12288:1r4W0saArLbkSO0hKH+l175ivmgxJIWyEjYgPv:10BsaQkIKH+WfX/vEgPv

    Score
    8/10
    persistence

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks