Overview

overview

7

Static

static

3

mainv9Unkown5.exe

windows10-1703-x64

7

mainv9Unkown5.exe

windows10-2004-x64

7

mainv9Unkown5.exe

windows11-21h2-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mainv9Unkown5.exe

  • Size

    37.9MB

  • Sample

    240528-wt21asef51

  • MD5

    76b439dbca3799f216e3e2828ac9e88c

  • SHA1

    1fbda5802e59201a97e2f6a27362dd2c769704fb

  • SHA256

    96af4da931d2dc436a17ebe9fa72922711763b15e9a0593255ec84c7905b9c4d

  • SHA512

    6bafdcd551c44383c09a0d19fecf25c65decd55ad1822b4ed2506fb3006de58791fb154beff8d4fc54be299692d8ff66ac859a1458c7bd3b36d3792af790a0d1

  • SSDEEP

    786432:faAWAPJ8GxgbX6O1QtIbSN2j6+s7LWB75zuPNvYPJyEM3IL55qW80hjNjK4a0MdD:faAPSbX6aiI2N2qHWB75iVvYPrMG5cW+

Score
7/10
persistencepyinstaller

Malware Config

Targets

    • Target

      mainv9Unkown5.exe

    • Size

      37.9MB

    • MD5

      76b439dbca3799f216e3e2828ac9e88c

    • SHA1

      1fbda5802e59201a97e2f6a27362dd2c769704fb

    • SHA256

      96af4da931d2dc436a17ebe9fa72922711763b15e9a0593255ec84c7905b9c4d

    • SHA512

      6bafdcd551c44383c09a0d19fecf25c65decd55ad1822b4ed2506fb3006de58791fb154beff8d4fc54be299692d8ff66ac859a1458c7bd3b36d3792af790a0d1

    • SSDEEP

      786432:faAWAPJ8GxgbX6O1QtIbSN2j6+s7LWB75zuPNvYPJyEM3IL55qW80hjNjK4a0MdD:faAPSbX6aiI2N2qHWB75iVvYPrMG5cW+

    Score
    7/10
    persistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks