Overview

overview

10

Static

static

3

23dd969a11...64.exe

windows7-x64

10

23dd969a11...64.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    23dd969a11a2cf68d6d5810a368a15dc19d0107208e5997b0f202bfffd310c64

  • Size

    75KB

  • Sample

    240521-yhlv2sge8t

  • MD5

    adae095f490f21215d79478145aa41d8

  • SHA1

    7a6d52de6625f83cfb267a7d6f3d530909cb69a8

  • SHA256

    23dd969a11a2cf68d6d5810a368a15dc19d0107208e5997b0f202bfffd310c64

  • SHA512

    81129d99a055ce23874142507c691701acd01127198e41eccf4e84e96c025c62e9a29949c7df22ba988f14a109105d0e741a4268e5b38779b2a9c0173922056d

  • SSDEEP

    1536:D+ahr/TZW44s41K18yXJxJPVO2LR6+lWCWQv:iW/ZW44O8yX7JlR6+bWQv

Score
10/10
persistence

Malware Config

Targets

    • Target

      23dd969a11a2cf68d6d5810a368a15dc19d0107208e5997b0f202bfffd310c64

    • Size

      75KB

    • MD5

      adae095f490f21215d79478145aa41d8

    • SHA1

      7a6d52de6625f83cfb267a7d6f3d530909cb69a8

    • SHA256

      23dd969a11a2cf68d6d5810a368a15dc19d0107208e5997b0f202bfffd310c64

    • SHA512

      81129d99a055ce23874142507c691701acd01127198e41eccf4e84e96c025c62e9a29949c7df22ba988f14a109105d0e741a4268e5b38779b2a9c0173922056d

    • SSDEEP

      1536:D+ahr/TZW44s41K18yXJxJPVO2LR6+lWCWQv:iW/ZW44O8yX7JlR6+bWQv

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks