General

  • Target

    9743658860e0d05a5fad21f948cca0cc

  • Size

    1.3MB

  • Sample

    240212-qqsdssef3v

  • MD5

    9743658860e0d05a5fad21f948cca0cc

  • SHA1

    fc60f61549903632bae08808eaf7ea637ef87ac8

  • SHA256

    e150df20e33ff5866f6408da0f19b219474b105e47825c3027ecbb4e990c2435

  • SHA512

    e9fe2346e7691b35d156c95e6ae2eb07f3bc633c0381018a48cd1a753375f31455bb2401743f0196e58953e69e7c982fb95fb8b88282006f940bad2f096752d1

  • SSDEEP

    24576:UuhaXeZJ8NI8IOWOWOWBEeZJ8NI8IOWOWOWBL:bl8IBZ8IBL

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
