General

  • Target

    03c0395eb89532cbf5bdc125875e22d0N.exe

  • Size

    352KB

  • Sample

    240727-1d1jrazdpl

  • MD5

    03c0395eb89532cbf5bdc125875e22d0

  • SHA1

    f9201487605aa74a388ead9ca77ef81b8d2d6562

  • SHA256

    5706b1ee8808f71f8b11878c5c29670ae179c242c675725abc933b5463acb62d

  • SHA512

    15ca4519f663311fa33ccac5ae7d0404769022ab7a691c2ef17af7312575343392b5659579dc992cbc39d119f3d4e48734c227c79e97635db78d488d552eac91

  • SSDEEP

    6144:SIs9OKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPFsEPAsKCe8i:/KofHfHTXQLzgvnzHPowYbvrjD/L7QPs

Malware Config

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
