Overview

overview

10

Static

static

3

d72d2f0e61...1N.exe

windows7-x64

10

d72d2f0e61...1N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d72d2f0e6154799277900b2290c0c853cb37a2e0d6464492d6ec928c3c770811N

  • Size

    211KB

  • Sample

    241002-cma4fswbkb

  • MD5

    7b1a668eb5c6d16ed9c06e6d7b5fcb40

  • SHA1

    861076702455b7207cd93d36f7911fad16a56f89

  • SHA256

    d72d2f0e6154799277900b2290c0c853cb37a2e0d6464492d6ec928c3c770811

  • SHA512

    62441c1433b1b4977987f3498144a5634900333f0a599698e7323f5010169c8e9c38fcda9fd16940f40abc42baac59cf75bd331343dfdd5dc1b07aa5c4400ee5

  • SSDEEP

    3072:WD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOf:Wh8cBzHLRMpZ4d1Zf

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      d72d2f0e6154799277900b2290c0c853cb37a2e0d6464492d6ec928c3c770811N

    • Size

      211KB

    • MD5

      7b1a668eb5c6d16ed9c06e6d7b5fcb40

    • SHA1

      861076702455b7207cd93d36f7911fad16a56f89

    • SHA256

      d72d2f0e6154799277900b2290c0c853cb37a2e0d6464492d6ec928c3c770811

    • SHA512

      62441c1433b1b4977987f3498144a5634900333f0a599698e7323f5010169c8e9c38fcda9fd16940f40abc42baac59cf75bd331343dfdd5dc1b07aa5c4400ee5

    • SSDEEP

      3072:WD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOf:Wh8cBzHLRMpZ4d1Zf

    Score
    10/10
    discoveryevasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks