Overview

overview

10

Static

static

3

dffce7fe5a...ef.exe

windows7-x64

10

dffce7fe5a...ef.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dffce7fe5a998086d3e8e70c395ca9bbaa966b7ac74383e9de38c39732ab6cef

  • Size

    211KB

  • Sample

    240507-ckb8qsgf38

  • MD5

    4d6f250bb8d011ade5678301ef60d3d4

  • SHA1

    07c2ef14f490767bf938bd9bce997f3384da3be4

  • SHA256

    dffce7fe5a998086d3e8e70c395ca9bbaa966b7ac74383e9de38c39732ab6cef

  • SHA512

    52fce216b88e3089e57633f83c409abecf596d6ea126129be7136630503ee8e86250389a53bbc00e524c191ca0339faba895020e48f47b3b95c5b605d5ff183a

  • SSDEEP

    3072:WD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqO4:Wh8cBzHLRMpZ4d1Z4

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      dffce7fe5a998086d3e8e70c395ca9bbaa966b7ac74383e9de38c39732ab6cef

    • Size

      211KB

    • MD5

      4d6f250bb8d011ade5678301ef60d3d4

    • SHA1

      07c2ef14f490767bf938bd9bce997f3384da3be4

    • SHA256

      dffce7fe5a998086d3e8e70c395ca9bbaa966b7ac74383e9de38c39732ab6cef

    • SHA512

      52fce216b88e3089e57633f83c409abecf596d6ea126129be7136630503ee8e86250389a53bbc00e524c191ca0339faba895020e48f47b3b95c5b605d5ff183a

    • SSDEEP

      3072:WD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqO4:Wh8cBzHLRMpZ4d1Z4

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Modifies Installed Components in the registry

      persistence

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.