a6abff08e97aaff33f3aabb84068c569eaa1788842742eaf4d3c38c00bde522d | Triage

Submit
Reports

Overview

overview

Static

static

3

a6abff08e9...2d.exe

windows7-x64

a6abff08e9...2d.exe

windows10-2004-x64

Sharing

General

Target

a6abff08e97aaff33f3aabb84068c569eaa1788842742eaf4d3c38c00bde522d.exe
Size

135KB
Sample

240524-e16hmadb5x
MD5

02e4168fe15eaba294ee087503c25250
SHA1

8085542c354fcfe7ad650dfe431ce26c3a01b712
SHA256

a6abff08e97aaff33f3aabb84068c569eaa1788842742eaf4d3c38c00bde522d
SHA512

7313a55bc4136bb5daa0f4c6aaac544b9a97960b0419eb07946485a7fb76f51e1ba41df1fe68674509ce24c91b1a70a64f62bfd5bcedec2571ce744dcbc9ef25
SSDEEP

1536:4fsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbV5jp00000000000E:4VqoCl/YgjxEufVU0TbTyDDal3jb

Score

10^/10

evasion persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a6abff08e97aaff33f3aabb84068c569eaa1788842742eaf4d3c38c00bde522d.exe

Resource

win7-20240508-en

evasion persistence

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

a6abff08e97aaff33f3aabb84068c569eaa1788842742eaf4d3c38c00bde522d.exe

Resource

win10v2004-20240508-en

evasion persistence

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  a6abff08e97aaff33f3aabb84068c569eaa1788842742eaf4d3c38c00bde522d.exe
- Size
  
  135KB
- MD5
  
  02e4168fe15eaba294ee087503c25250
- SHA1
  
  8085542c354fcfe7ad650dfe431ce26c3a01b712
- SHA256
  
  a6abff08e97aaff33f3aabb84068c569eaa1788842742eaf4d3c38c00bde522d
- SHA512
  
  7313a55bc4136bb5daa0f4c6aaac544b9a97960b0419eb07946485a7fb76f51e1ba41df1fe68674509ce24c91b1a70a64f62bfd5bcedec2571ce744dcbc9ef25
- SSDEEP
  
  1536:4fsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbV5jp00000000000E:4VqoCl/YgjxEufVU0TbTyDDal3jb
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence

© 2018-2024

Terms | Privacy