Overview

overview

7

Static

static

3

77b184c69a...84.exe

windows7-x64

7

77b184c69a...84.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    77b184c69af18f9d53948507ce8cc3baf89a08c4850659d1b78cf6a209f04b84.exe

  • Size

    35KB

  • Sample

    240523-cwp9qsag28

  • MD5

    0e3ad341fd77e50c48353536e47727d0

  • SHA1

    3bc5c4460da455637c41508e90db9064a8e74c84

  • SHA256

    77b184c69af18f9d53948507ce8cc3baf89a08c4850659d1b78cf6a209f04b84

  • SHA512

    be6e5b591ebd194e42a77a56843183c0888c25a4e88bd6e0c4d02c22493f8d2bd137cb04f7bee829410b6ed444005c89e155c0699c45e985be4667227b03d5cb

  • SSDEEP

    768:/qPJtHA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNhp:/qnA6C1VqaqhtgVRNToV7TtRu8rM0wYJ

Score
7/10
persistence

Malware Config

Targets

    • Target

      77b184c69af18f9d53948507ce8cc3baf89a08c4850659d1b78cf6a209f04b84.exe

    • Size

      35KB

    • MD5

      0e3ad341fd77e50c48353536e47727d0

    • SHA1

      3bc5c4460da455637c41508e90db9064a8e74c84

    • SHA256

      77b184c69af18f9d53948507ce8cc3baf89a08c4850659d1b78cf6a209f04b84

    • SHA512

      be6e5b591ebd194e42a77a56843183c0888c25a4e88bd6e0c4d02c22493f8d2bd137cb04f7bee829410b6ed444005c89e155c0699c45e985be4667227b03d5cb

    • SSDEEP

      768:/qPJtHA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNhp:/qnA6C1VqaqhtgVRNToV7TtRu8rM0wYJ

    Score
    7/10
    persistence

    • Deletes itself

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks