Overview

overview

8

Static

static

3

e3d96cfc02...0N.exe

windows7-x64

8

e3d96cfc02...0N.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    e3d96cfc02cb219ccc913ab267fffaf0N.exe

  • Size

    476KB

  • Sample

    240829-kllgssvbqn

  • MD5

    e3d96cfc02cb219ccc913ab267fffaf0

  • SHA1

    f44e48ba437f1ca26c77190bf56d0324582cdfa5

  • SHA256

    88c8f164dafac8237a21ac4e840a8b024b4fea3fc7358b86b0b272abc2888570

  • SHA512

    160d12ef35f4fa7334b7d35e22cb130bba8b3bfdea8867b12ee17978bf2df6055fb438de514b1cadab5621a7a97c0d7fe8ff5352d8e06172dcdf3fa767fecf1a

  • SSDEEP

    12288:ntKe6Zv23YeVONkJDFPQeGySItg8lnZVUxP3tKo:76Zv2l4kPQeGyp6tKo

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      e3d96cfc02cb219ccc913ab267fffaf0N.exe

    • Size

      476KB

    • MD5

      e3d96cfc02cb219ccc913ab267fffaf0

    • SHA1

      f44e48ba437f1ca26c77190bf56d0324582cdfa5

    • SHA256

      88c8f164dafac8237a21ac4e840a8b024b4fea3fc7358b86b0b272abc2888570

    • SHA512

      160d12ef35f4fa7334b7d35e22cb130bba8b3bfdea8867b12ee17978bf2df6055fb438de514b1cadab5621a7a97c0d7fe8ff5352d8e06172dcdf3fa767fecf1a

    • SSDEEP

      12288:ntKe6Zv23YeVONkJDFPQeGySItg8lnZVUxP3tKo:76Zv2l4kPQeGyp6tKo

    Score
    8/10
    discoverypersistence

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Executes dropped EXE

    • Modifies system executable filetype association

      persistence

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks