General

  • Target

    626aec9a2ac08f7edf6973f527562b92.exe

  • Size

    2.1MB

  • Sample

    240106-l5cjnseda9

  • MD5

    626aec9a2ac08f7edf6973f527562b92

  • SHA1

    77cb2d66d40725140b49ec24fa3e002ac4a825de

  • SHA256

    0b19dafc371c91c936eab535fe5bb0099240cb36d4520d67837e18faa997d31e

  • SHA512

    1e9bfba7735ccc6eba5c4dfb06cdac019ff6d391f16a8ff930f7029ddf1ae1ef6d86543c8e2e58a62e5aa95f6107eb45a10b8e22e65736d514d4b4bba9b692cf

  • SSDEEP

    49152:bferQZbd2f8IerQZbd2f8IerQZbd2f82l:CrQZRrQZRrQZ6

Score
10/10

Targets

    • Target

      626aec9a2ac08f7edf6973f527562b92.exe

    Score
    10/10
    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
