General

  • Target

    b850bd18e0db142114a07ac415e82f916201ed8680f5fab13f332eb0da0e7815.exe

  • Size

    779KB

  • Sample

    241002-bx7dzathrc

  • MD5

    051a26c2e87061644ecbe0f4f048e3fa

  • SHA1

    279bab8ecc8a1423830123fa3ece0bf32fbe8999

  • SHA256

    b850bd18e0db142114a07ac415e82f916201ed8680f5fab13f332eb0da0e7815

  • SHA512

    e713ab9b0b9484c48e99243b1c29c15b9a7c16d61425eb96db8ee448d32fea91e5414d4e3411f0066c8be0ad06426082be08b60ab8117ec229243e2a1b875c78

  • SSDEEP

    12288:iQIoWuLh44D+wrxhlAhtAB642VVujwcKVdn7BLzdsNZU18Do9I4jMSPC:i7uLh4hsuy6Tu8cKvBLz8Z74jvC

Targets

    • Target

      b850bd18e0db142114a07ac415e82f916201ed8680f5fab13f332eb0da0e7815.exe

    • Score

      8/10

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Target

      Bindemiddels/Konsulentfirma.Fli

    • Size

      55KB

    • MD5

      d402ca057a33bc8a05d22411584f1446

    • SHA1

      62ea91a0a08037dc4126f1b6c292ecef1028390e

    • SHA256

      4faec25f3f54b20769a15b39d6eea37459b7ebc140def9f09151797a1ae497d0

    • SHA512

      8cc2ba44c1dac829d534298a13939f0f484d355a3529f662d793eefe4dc4990cc4b38f23fe4e3e872bb2374c0921b88b8a8d4d815ecfa2703d0d9b19ee6c45fd

    • SSDEEP

      1536:K5BUEGM8EpDcZwwc8EU+0jB9gSk2Ci0hULKcfO/A7ch:KfcMJcZwb8lNmsBAUOgU

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
