Overview

overview

10

Static

static

3

b39b519091...0N.exe

windows7-x64

10

b39b519091...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b39b519091371242a1e278e584f04d70N.exe

  • Size

    71KB

  • Sample

    240723-n85ezaydmn

  • MD5

    b39b519091371242a1e278e584f04d70

  • SHA1

    23971b7aad8b8f4d4a8ecafa6ba34065eda1868e

  • SHA256

    65cbe05262f0bc82bef3c01d7b3afd6847223b00f9142163111db350bff19514

  • SHA512

    facf82b6f5091d0daedddcf885e75713febba88b442a03d680fc19d327fc5ff321622dfde3c2e35e4a5f6fcc2a58a5c388e6f444d4b185eedad2cc0c94f65c82

  • SSDEEP

    768:x/nh3pSzouGbBcDZBCtfefzXDDDvFKEWSrVkr93k977l89NSMwu:xZ3pSzMzwXXD9KErrGnqu

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      b39b519091371242a1e278e584f04d70N.exe

    • Size

      71KB

    • MD5

      b39b519091371242a1e278e584f04d70

    • SHA1

      23971b7aad8b8f4d4a8ecafa6ba34065eda1868e

    • SHA256

      65cbe05262f0bc82bef3c01d7b3afd6847223b00f9142163111db350bff19514

    • SHA512

      facf82b6f5091d0daedddcf885e75713febba88b442a03d680fc19d327fc5ff321622dfde3c2e35e4a5f6fcc2a58a5c388e6f444d4b185eedad2cc0c94f65c82

    • SSDEEP

      768:x/nh3pSzouGbBcDZBCtfefzXDDDvFKEWSrVkr93k977l89NSMwu:xZ3pSzMzwXXD9KErrGnqu

    Score
    10/10
    evasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Event Triggered Execution: Image File Execution Options Injection

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks