Overview

overview

10

Static

static

3

c8f9412714...e0.exe

windows7-x64

10

c8f9412714...e0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c8f941271407fdd8c36645871d2080dee71ae2554265d139d4e65caa368ea7e0

  • Size

    128KB

  • Sample

    240524-dreg4sbb79

  • MD5

    441f811661de063f5615ba2badbd3645

  • SHA1

    a66adc600865c1703f3afb63c43ec384464b64ed

  • SHA256

    c8f941271407fdd8c36645871d2080dee71ae2554265d139d4e65caa368ea7e0

  • SHA512

    b27aaa2d4db29f41cd510a74cdc4239c8e6c497e37835b1d95524bc5880e48962871a61d3227a7b07edb990f0d9b4e780dc4902d14bb16cfcc1c07a9aa71182d

  • SSDEEP

    3072:sfDMzWlccO77CH0y6IeCR9oq4gktmrIEznYfzB9BSwW:sfDMzWnO77CHXfoq4gktmrIYOzLc

Score
10/10
persistence

Malware Config

Targets

    • Target

      c8f941271407fdd8c36645871d2080dee71ae2554265d139d4e65caa368ea7e0

    • Size

      128KB

    • MD5

      441f811661de063f5615ba2badbd3645

    • SHA1

      a66adc600865c1703f3afb63c43ec384464b64ed

    • SHA256

      c8f941271407fdd8c36645871d2080dee71ae2554265d139d4e65caa368ea7e0

    • SHA512

      b27aaa2d4db29f41cd510a74cdc4239c8e6c497e37835b1d95524bc5880e48962871a61d3227a7b07edb990f0d9b4e780dc4902d14bb16cfcc1c07a9aa71182d

    • SSDEEP

      3072:sfDMzWlccO77CH0y6IeCR9oq4gktmrIEznYfzB9BSwW:sfDMzWnO77CHXfoq4gktmrIYOzLc

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks