Overview

overview

10

Static

static

3

Virus.Hija...ff.exe

windows7-x64

3

Virus.Hija...ff.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Virus.Hijack.ATA_virussign.com_3a8b8e5b4f6d21cfb0fcf39fba16cfff.exe

  • Size

    78KB

  • Sample

    240907-p1t5pswfnq

  • MD5

    3a8b8e5b4f6d21cfb0fcf39fba16cfff

  • SHA1

    011175ff83c069612febef84e6fc2b07c9528037

  • SHA256

    0bb9a4a819d83c90a85931b77742a1dd1ad42bca09d0b3866873dbd782bc22e1

  • SHA512

    59f9912e8c611d3966309f2ccea86f397267ba66e552eca630b7623fd1efc3f786e8f129dc53f9f1421d946b5a065d21e32a35f85fb0dbb4a42def5b3ecef608

  • SSDEEP

    1536:rzYZUeBCvO5dhxM50Y71SazWRuiu6yf5oAnqDM+4yyF:/V+lG5f71SUiuCuq4cyF

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      Virus.Hijack.ATA_virussign.com_3a8b8e5b4f6d21cfb0fcf39fba16cfff.exe

    • Size

      78KB

    • MD5

      3a8b8e5b4f6d21cfb0fcf39fba16cfff

    • SHA1

      011175ff83c069612febef84e6fc2b07c9528037

    • SHA256

      0bb9a4a819d83c90a85931b77742a1dd1ad42bca09d0b3866873dbd782bc22e1

    • SHA512

      59f9912e8c611d3966309f2ccea86f397267ba66e552eca630b7623fd1efc3f786e8f129dc53f9f1421d946b5a065d21e32a35f85fb0dbb4a42def5b3ecef608

    • SSDEEP

      1536:rzYZUeBCvO5dhxM50Y71SazWRuiu6yf5oAnqDM+4yyF:/V+lG5f71SUiuCuq4cyF

    Score
    10/10
    discoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks