Overview

overview

10

Static

static

3

8799aa4974...7e.exe

windows7-x64

10

8799aa4974...7e.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    8799aa4974c96b46d20cd9316aa4b47e

  • Size

    2.2MB

  • Sample

    240201-w93xjaedbm

  • MD5

    8799aa4974c96b46d20cd9316aa4b47e

  • SHA1

    aa06cc2cd656e9d2fde69159a2ef9b0b93614273

  • SHA256

    3c145f41f0cd16b07d93653c9ca7d7e19433d62d9b65e618fdbd248a48b358f9

  • SHA512

    12ac7674a90eb049c674c9962c2eca63c48a0037f2675fd340430cfe175b9342d6cccdb4a0221ca4f27223abb81bb6cb456c4eebef0bebbe144415d6a64df934

  • SSDEEP

    24576:Uuha79OieZJ8NI8+9OieZJ8NI8+9OieZJ8NI8+9OieZJ8NI8+9OieZJ8NI8JGpOE:bm88+88+88+88+88UwA

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      8799aa4974c96b46d20cd9316aa4b47e

    • Size

      2.2MB

    • MD5

      8799aa4974c96b46d20cd9316aa4b47e

    • SHA1

      aa06cc2cd656e9d2fde69159a2ef9b0b93614273

    • SHA256

      3c145f41f0cd16b07d93653c9ca7d7e19433d62d9b65e618fdbd248a48b358f9

    • SHA512

      12ac7674a90eb049c674c9962c2eca63c48a0037f2675fd340430cfe175b9342d6cccdb4a0221ca4f27223abb81bb6cb456c4eebef0bebbe144415d6a64df934

    • SSDEEP

      24576:Uuha79OieZJ8NI8+9OieZJ8NI8+9OieZJ8NI8+9OieZJ8NI8+9OieZJ8NI8JGpOE:bm88+88+88+88+88UwA

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

      evasion

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks