Overview

overview

10

Static

static

3

ba047473d5...a2.exe

windows7-x64

10

ba047473d5...a2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ba047473d57765efda0172786dd2dbee15df91d9ca0e344fdfa4c8253e9c8ba2

  • Size

    211KB

  • Sample

    240524-cx9prsab24

  • MD5

    3b95ed7ba02736ccfcbca39d188b9e4a

  • SHA1

    9eca9d4f363a98e4bfc0486e7fa50be3e0aef167

  • SHA256

    ba047473d57765efda0172786dd2dbee15df91d9ca0e344fdfa4c8253e9c8ba2

  • SHA512

    e330738c711d4b7e2702ed0ccad3b922e67e9683c483dcd75b9d8a7a7ab77f41ebc802e90ead9046b7821cfd9f29b79ecee834eca0faf0af6517e5fe9db70483

  • SSDEEP

    6144:/hzDxwE7eYr75lHzpaF2e6UK+42GTQMJSZO5f7M0rx7/N:/Bd17eYr75lTefkY660fII

Score
10/10
persistence

Malware Config

Targets

    • Target

      ba047473d57765efda0172786dd2dbee15df91d9ca0e344fdfa4c8253e9c8ba2

    • Size

      211KB

    • MD5

      3b95ed7ba02736ccfcbca39d188b9e4a

    • SHA1

      9eca9d4f363a98e4bfc0486e7fa50be3e0aef167

    • SHA256

      ba047473d57765efda0172786dd2dbee15df91d9ca0e344fdfa4c8253e9c8ba2

    • SHA512

      e330738c711d4b7e2702ed0ccad3b922e67e9683c483dcd75b9d8a7a7ab77f41ebc802e90ead9046b7821cfd9f29b79ecee834eca0faf0af6517e5fe9db70483

    • SSDEEP

      6144:/hzDxwE7eYr75lHzpaF2e6UK+42GTQMJSZO5f7M0rx7/N:/Bd17eYr75lTefkY660fII

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks