Overview

overview

10

Static

static

3

7e0c581d29...ac.exe

windows7-x64

10

7e0c581d29...ac.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7e0c581d2918be67ee00990d8c224d59278bb95e630e8db66120d643641af5ac

  • Size

    237KB

  • Sample

    240522-b9a7asge49

  • MD5

    a1ee810dd7d0b11f5e1a258e87d5a74d

  • SHA1

    4788ee48ec5848deaa7d3a5ec92591e6756f02b6

  • SHA256

    7e0c581d2918be67ee00990d8c224d59278bb95e630e8db66120d643641af5ac

  • SHA512

    cb3e62da3f4d7621279eed991a2d7602570c063238fe921d47f3a88864f9a61da8ad93f8a25796953db16689884332107fa21965ce00df5dc7a6111c4acf8b72

  • SSDEEP

    3072:pa9KjKdBAUbj8Nq75Sq4iqnAUUjE02ZoL9snKKq:4MjWBXj8U5ihYjEToZY8

Score
10/10
persistence

Malware Config

Targets

    • Target

      7e0c581d2918be67ee00990d8c224d59278bb95e630e8db66120d643641af5ac

    • Size

      237KB

    • MD5

      a1ee810dd7d0b11f5e1a258e87d5a74d

    • SHA1

      4788ee48ec5848deaa7d3a5ec92591e6756f02b6

    • SHA256

      7e0c581d2918be67ee00990d8c224d59278bb95e630e8db66120d643641af5ac

    • SHA512

      cb3e62da3f4d7621279eed991a2d7602570c063238fe921d47f3a88864f9a61da8ad93f8a25796953db16689884332107fa21965ce00df5dc7a6111c4acf8b72

    • SSDEEP

      3072:pa9KjKdBAUbj8Nq75Sq4iqnAUUjE02ZoL9snKKq:4MjWBXj8U5ihYjEToZY8

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks