General

  • Target

    0e12bdd2a8200d4c1f368750e2c87bfe.bin

  • Size

    24.8MB

  • Sample

    240625-b3rkpstdrd

  • MD5

    bbb75185446abc0529029174863048f9

  • SHA1

    161e821b59f08f4d71f0c8da37a109ff3ca59832

  • SHA256

    d082d487b6c035ceffa86eae90a61ed3202c044d1d6b69ee6b3e792b2cec91cb

  • SHA512

    92efc727aed981fd29eb868b1482d9a0c38934f3524047c424e973ca16751fe9798e3cddd5792460bc84046a32c9ce3c51c64cf3ae271c285a4e70b9a0fe57a5

  • SSDEEP

    786432:aFOGN/pOc2MSCyI4i7ye0MWeE5Dkz2OSCM:fcjSCZTWXN8M

Targets

    • Target

      af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403.exe

    • Size

      36.5MB

    • MD5

      0e12bdd2a8200d4c1f368750e2c87bfe

    • SHA1

      6c8b533e2c7f6ebef027971c3a06f4c55ed64cfe

    • SHA256

      af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403

    • SHA512

      909f15876f3a6cbe608eb53df4286927b013c45ff6acbc496a1590b9cc3fe47b1bb449ed45c3302f6d03cccb876cd2cc26f2b5e7c1ca4ff2d17dd4dee77bf75b

    • SSDEEP

      393216:sYJEy4Te0rrigZ9BCbZPBKAgKBXSTzdOskYXXDeycerzHP+THt+/nDSpQg:sYJcrlZ9BGfg8XIJOkXXPCTV

    • Command and Scripting Interpreter: PowerShell

      Uses the powershell.exe command.

    • Creates new service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

    • Drops file in System32 directory
