Overview

overview

8

Static

static

1

b4c22ff638...e4.exe

windows7-x64

8

b4c22ff638...e4.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    b4c22ff638bcb371e0cc8d8a7080a68212fc4ce6e629b833793a648c9f14b6e4.exe

  • Size

    81KB

  • Sample

    241002-bxs7cazhnr

  • MD5

    517d7c550b44e53ddd9ae366f1ae8e4d

  • SHA1

    43d3a0b7aa06fc952864fa37dcdca96593a06cbc

  • SHA256

    b4c22ff638bcb371e0cc8d8a7080a68212fc4ce6e629b833793a648c9f14b6e4

  • SHA512

    4c172099abd2c4b983c43500f0323e0feb26288f6ca35c5f2c4a4574ffc8df322fee42049f68bdac4dc47ca55bdca7b0ac98f560b4af4b985c04b962555965a0

  • SSDEEP

    1536:xoG6KpY6Qi3yj2wyq4HwiMO10HVLCJRpsWr6cdaxPBJYYD7UxD2i:renkyfPAwiMq0RqRfbaxZJYYD7i

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      b4c22ff638bcb371e0cc8d8a7080a68212fc4ce6e629b833793a648c9f14b6e4.exe

    • Size

      81KB

    • MD5

      517d7c550b44e53ddd9ae366f1ae8e4d

    • SHA1

      43d3a0b7aa06fc952864fa37dcdca96593a06cbc

    • SHA256

      b4c22ff638bcb371e0cc8d8a7080a68212fc4ce6e629b833793a648c9f14b6e4

    • SHA512

      4c172099abd2c4b983c43500f0323e0feb26288f6ca35c5f2c4a4574ffc8df322fee42049f68bdac4dc47ca55bdca7b0ac98f560b4af4b985c04b962555965a0

    • SSDEEP

      1536:xoG6KpY6Qi3yj2wyq4HwiMO10HVLCJRpsWr6cdaxPBJYYD7UxD2i:renkyfPAwiMq0RqRfbaxZJYYD7i

    Score
    8/10
    discoverypersistence

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.

    • Sets service image path in registry

      persistence

    • Downloads MZ/PE file

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks