General

  • Target

    2c0ba7d2277ae381c73f5712ea9e0042

  • Size

    571KB

  • Sample

    231231-hgnp9abad8

  • MD5

    2c0ba7d2277ae381c73f5712ea9e0042

  • SHA1

    e06b954f79ec71872643f40d32a6e92255ea5776

  • SHA256

    fad3d13dc458586756ed699f253d0a114e173ffd80cac3975a00d0c0bcc0f7b8

  • SHA512

    b2ca9313c9ab28a0acfe8bb631b87e491021e5347dfcec39975d8cfcb10983c6536a803508dacfc335a8e17984518108e35973a5c3bee1c625a60c269eda6766

  • SSDEEP

    6144:UZfec9EbXDk6Rk5KWnmy+g4VrG1VVE+Iznmy+g4IE2EZ/UOPSe570Szp3bCPZIuv:UZWtI6RkXKu0ayOB0cCPZz

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
