Overview

overview

10

Static

static

3

0aed6e2c1e...00.exe

windows7-x64

10

0aed6e2c1e...00.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0aed6e2c1e5345e0c50fed2f09c6d05aea0992c7e303739ff75d30b0a8dd3d00

  • Size

    59KB

  • Sample

    240611-w68nlsxamk

  • MD5

    26e08465ca4823086a4f57668f546cce

  • SHA1

    21a9403aa051e3648ad3bc5f88a2b3c50eda927c

  • SHA256

    0aed6e2c1e5345e0c50fed2f09c6d05aea0992c7e303739ff75d30b0a8dd3d00

  • SHA512

    3f06da130691dbe712d157fb813b3297581eff8b3d523bac8774eeba4a1d08a1766f65b55c031c7a92ab84690917dadef92d76f51d52940150ad1fd7c9ec621d

  • SSDEEP

    1536:JGMPXiXow339BVPu4J1p1nFF+CZg2LKOO:VXK339BVPu4J1HnZr3O

Score
10/10
persistence

Malware Config

Targets

    • Target

      0aed6e2c1e5345e0c50fed2f09c6d05aea0992c7e303739ff75d30b0a8dd3d00

    • Size

      59KB

    • MD5

      26e08465ca4823086a4f57668f546cce

    • SHA1

      21a9403aa051e3648ad3bc5f88a2b3c50eda927c

    • SHA256

      0aed6e2c1e5345e0c50fed2f09c6d05aea0992c7e303739ff75d30b0a8dd3d00

    • SHA512

      3f06da130691dbe712d157fb813b3297581eff8b3d523bac8774eeba4a1d08a1766f65b55c031c7a92ab84690917dadef92d76f51d52940150ad1fd7c9ec621d

    • SSDEEP

      1536:JGMPXiXow339BVPu4J1p1nFF+CZg2LKOO:VXK339BVPu4J1HnZr3O

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks