Overview

overview

10

Static

static

3

2af85a983a...30.exe

windows7-x64

10

2af85a983a...30.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2af85a983a5616dc5a66857f9a065c30.exe

  • Size

    43KB

  • Sample

    240110-weksgadbd2

  • MD5

    2af85a983a5616dc5a66857f9a065c30

  • SHA1

    f9835cff947f20568d40a0d48e36b2605083c0b2

  • SHA256

    6afe9d118ecf546c583a6fc7672251aeede85e54791022e48c6a7a6ec0d16247

  • SHA512

    1f1a9cd0f1bf6419a2b8c1e71e6ea44c77d1625a4222e694c9308f20d7467228b866fe936fd312f00bd692ca61802e64625d49d5e6aae99f15550578c78de2bb

  • SSDEEP

    768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGVAQvRRf:RUNHFKQbIkHvGkAm

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      2af85a983a5616dc5a66857f9a065c30.exe

    • Size

      43KB

    • MD5

      2af85a983a5616dc5a66857f9a065c30

    • SHA1

      f9835cff947f20568d40a0d48e36b2605083c0b2

    • SHA256

      6afe9d118ecf546c583a6fc7672251aeede85e54791022e48c6a7a6ec0d16247

    • SHA512

      1f1a9cd0f1bf6419a2b8c1e71e6ea44c77d1625a4222e694c9308f20d7467228b866fe936fd312f00bd692ca61802e64625d49d5e6aae99f15550578c78de2bb

    • SSDEEP

      768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGVAQvRRf:RUNHFKQbIkHvGkAm

    Score
    10/10
    evasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks