Overview

overview

10

Static

static

3

b9dddd29f3...0N.exe

windows7-x64

10

b9dddd29f3...0N.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    b9dddd29f3cc474a5141336c2ffd75c0N

  • Size

    206KB

  • Sample

    240908-hk7brsthnb

  • MD5

    b9dddd29f3cc474a5141336c2ffd75c0

  • SHA1

    8ed739b24f51163b76495b6aeb621132e53af986

  • SHA256

    762f21a26e15ff6be193236b2e90c7a520884853ac8f407f6f92b3386d894aa8

  • SHA512

    45c8b41dc8886e469b4d34976e30b8fbd7f4c4d465aa070cb6bdadcbba2b43e75cedf019404467b8edb7a6328ddd3dcae982d79c1792c5403354bb6617b5a63b

  • SSDEEP

    3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unB:zvEN2U+T6i5LirrllHy4HUcMQY6E

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      b9dddd29f3cc474a5141336c2ffd75c0N

    • Size

      206KB

    • MD5

      b9dddd29f3cc474a5141336c2ffd75c0

    • SHA1

      8ed739b24f51163b76495b6aeb621132e53af986

    • SHA256

      762f21a26e15ff6be193236b2e90c7a520884853ac8f407f6f92b3386d894aa8

    • SHA512

      45c8b41dc8886e469b4d34976e30b8fbd7f4c4d465aa070cb6bdadcbba2b43e75cedf019404467b8edb7a6328ddd3dcae982d79c1792c5403354bb6617b5a63b

    • SSDEEP

      3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unB:zvEN2U+T6i5LirrllHy4HUcMQY6E

    Score
    10/10
    discoveryevasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks