General

  • Target

    eMeetLink_windows.exe

  • Size

    121.3MB

  • Sample

    240905-yp6h2aybpp

  • MD5

    3facefe60375097484fb51e4b896206a

  • SHA1

    8d7e2f2b34c974ac32396d31322d7f70847580c3

  • SHA256

    02a66a08d8d4051c17d62ecd1de26903a69f8eebc5ad2492a39faa4b0e012047

  • SHA512

    7d896b0edc0ba49fc1e57bbba32e58c5ca7bb8ba428a101407cc04db659add394edeb58107cf539c59b83cf42250671f934c9fd867ab81025a4a15c73e4d1671

  • SSDEEP

    3145728:STH1FA+ckt7YPrlpKO14gD7WC6nq3pJctCya+2My:STwm7YPriShD6CnpJ+2My

Malware Config

Targets

    • Target

      eMeetLink_windows.exe

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.

    • System Binary Proxy Execution: Rundll32

      Abuse Rundll32 to proxy execution of malicious code.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks