General

  • Target

    7e9f8a8568eaff1e3def49bc3d0abae2

  • Size

    31KB

  • Sample

    240129-cq5ggafga7

  • MD5

    7e9f8a8568eaff1e3def49bc3d0abae2

  • SHA1

    291c04c6e2b8e3dae863bbff324d30c20af8c3af

  • SHA256

    66b9e2b1e9188814de67118e50bc8e15977f83d8b2de500e9eb4400722a412a8

  • SHA512

    db2a0adb8368e3c01b0a4f0b2ccef91885790542ae4d807a62f525e43bab1c9214df7044cbca78bf77964338b60b9cc615df9b6afc6ba1b7681acd68592fb805

  • SSDEEP

    768:12RXWaHxnoyvxEQfzGwsQjIria4i7K2+BP57i4KwVxB1:12LRoyvaQf09K2+BP57dVd

Score
10/10

Targets

    • Target

      7e9f8a8568eaff1e3def49bc3d0abae2

    • Modifies security service

    • Modifies visibility of hidden/system files in Explorer

    • Sets file execution options in registry

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
