General

  • Target

    a34b4d1dd2bc9ad0082cefad13853594

  • Size

    1.2MB

  • Sample

    240225-j3yysafd96

  • MD5

    a34b4d1dd2bc9ad0082cefad13853594

  • SHA1

    927398e6dd0acb8ea7500b23fc534c122d64bc22

  • SHA256

    788f2244200698ecdedf3e8e1b6b579f2aa0e3e2e12cd67d37fba61eee1f3377

  • SHA512

    dd708a89abdf29fa70682e1b1d3a418d33292ccf8db4aca58d44ac201670e4a30883ef958266dc727e52db7eefc90d125fc79b754cce9a4e9f1370e54b9e8f38

  • SSDEEP

    24576:UuhaXeZJ8NI8IOWObeZJ8NI8IOWOliVdK2:bl8e87sdK2

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
