General

  • Target

    66965c1b6e44060904f4edc1db27a83c

  • Size

    828KB

  • Sample

    240119-cam79aeea2

  • MD5

    66965c1b6e44060904f4edc1db27a83c

  • SHA1

    59f67acc97b0b5e8f0b7e9cd8060272dcfc2811e

  • SHA256

    6d92444385f52f0eb8656011cff4f02b23905f1db54a1a5b8fec52b50990bf57

  • SHA512

    a418e80de7889f9a8d865dd1fe8639f72e57a2aee3686c2b7522179285714138249e163a97ed56dc05eae27963200cd8c175a606b535ce32f815b71dc1407622

  • SSDEEP

    6144:UZfec9EbXDk6RkdKzGFrQZb++tdsHP4+QfI6U9/UOPSe570Szp3Znmy+g46nmy+a:UZWtI6Rk2erQZb+md4w1UWOB06VKut

Score
10/10

Targets

    • Target

      66965c1b6e44060904f4edc1db27a83c

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
