General

  • Target

    Lake.exe

  • Size

    84.2MB

  • Sample

    250216-m8yfzstmf1

  • MD5

    1e81443789401a0a0acfa1873cfa8306

  • SHA1

    77f612b325fb66376a077a4756ec5b9ffd3601e5

  • SHA256

    2ba83cdc1ee22575aac266a74be2c64de34d47c95f02f71e6ec1b33271a29af2

  • SHA512

    3c98e837b33e6a9ed76b5c8cc866f851d5404456520b2681affcb28aa48fdc1a7ba5bddd2dd4b90f91d121000a6ad95da527274e109124d89e5163400db0466b

  • SSDEEP

    1572864:QVjl92W5690nOkiqOv8im2A3+TUE7glhe7fEYiYweyJulZUdgRI6Xhu26UQFgXnH:QKd90nOknOv8i36+TmLPhpulvXoTFgXH

Malware Config

Targets

    • Target

      Lake.exe

    • Enumerates VirtualBox DLL files

      Looks for VirtualBox guest DLLs, a common check for a virtualised analysis environment.

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths and processes so that the excluded items are no longer scanned.

    • Sets file to hidden

      Sets the hidden attribute on the file so that it is not shown in Explorer and other directory listings by default.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.
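The behaviours listed above can be re-checked locally without the sandbox. The Python below is an added example, not part of the report or of the sandbox's own detection logic: it verifies a local copy against the digests reported for Lake.exe, matches process command lines against the three host-tampering behaviours (Defender exclusions via PowerShell, hidden attribute, Run key) and reads the PE section table for the section names the default UPX packer uses. The log lines and the minimal PE header are constructed for the example; the regexes are an assumption about how those behaviours usually appear on a command line, and the sample itself is not included.

```python
import hashlib
import re
import struct

# Digests as listed in the report for Lake.exe.
REPORTED = {
    "md5": "1e81443789401a0a0acfa1873cfa8306",
    "sha1": "77f612b325fb66376a077a4756ec5b9ffd3601e5",
    "sha256": "2ba83cdc1ee22575aac266a74be2c64de34d47c95f02f71e6ec1b33271a29af2",
    "sha512": "3c98e837b33e6a9ed76b5c8cc866f851d5404456520b2681affcb28aa48fdc1a"
              "7ba5bddd2dd4b90f91d121000a6ad95da527274e109124d89e5163400db0466b",
}


def digests(data: bytes) -> dict:
    """Compute the same digest set the report lists for a local file's bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED}


def matches_report(data: bytes, reported: dict = REPORTED) -> bool:
    """True only if every reported digest matches the local copy."""
    local = digests(data)
    return all(local[k] == v.lower() for k, v in reported.items())


# Command-line patterns for the behaviours named in the report (assumed shapes,
# not the sandbox's own rules). Keys reuse the report's behaviour names.
RULES = {
    "Command and Scripting Interpreter: PowerShell": re.compile(
        r"\b(?:Add|Set)-MpPreference\b[^\n]*-Exclusion(?:Path|Extension|Process)", re.I),
    "Sets file to hidden": re.compile(
        r"\battrib(?:\.exe)?\b[^\n]*\+h\b", re.I),
    "Adds Run key to start application": re.compile(
        r"HK(?:CU|LM|EY_CURRENT_USER|EY_LOCAL_MACHINE):?\\+Software\\+Microsoft"
        r"\\+Windows\\+CurrentVersion\\+Run(?:Once)?\b", re.I),
}


def classify(command_lines):
    """Map each report behaviour name to the command lines that triggered it."""
    hits = {}
    for line in command_lines:
        for name, rx in RULES.items():
            if rx.search(line):
                hits.setdefault(name, []).append(line)
    return hits


def upx_section_names(pe: bytes):
    """Return section names starting with 'UPX' (UPX0/UPX1/UPX2 are the stock
    UPX names). A modified UPX build may rename them, so an empty list does
    not prove the file is unpacked; a non-PE input also yields an empty list."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    num_sections = struct.unpack_from("<H", pe, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", pe, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_size            # section table follows the optional header
    names = []
    for i in range(num_sections):
        raw = pe[table + 40 * i: table + 40 * i + 8]  # IMAGE_SECTION_HEADER.Name
        name = raw.split(b"\0", 1)[0].decode("ascii", "replace")
        if name.upper().startswith("UPX"):
            names.append(name)
    return names


def build_fake_pe(section_names):
    """Constructed minimal PE header (not a runnable executable) for testing."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + sections


# Constructed command lines in the shape a process-creation log would carry.
SAMPLE_LOG = [
    'powershell.exe -NoProfile -Command "Add-MpPreference -ExclusionPath C:\\Users\\Public"',
    'powershell.exe -Command "Set-MpPreference -ExclusionExtension exe"',
    'attrib.exe +h +s C:\\Users\\Public\\Lake.exe',
    'reg.exe add HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run /v Lake /t REG_SZ /d C:\\Users\\Public\\Lake.exe',
    'notepad.exe C:\\Users\\Public\\readme.txt',
]

if __name__ == "__main__":
    for behaviour, lines in classify(SAMPLE_LOG).items():
        print(behaviour, "->", len(lines), "line(s)")
    print("UPX sections:", upx_section_names(build_fake_pe(["UPX0", "UPX1", ".rsrc"])))
```

To use it against a real copy, read the file's bytes and call `matches_report` before anything else; a mismatch means you are not looking at the sample the report describes. The regexes are deliberately narrow and will miss obfuscated or encoded PowerShell, so treat a hit as confirmation, not absence of a hit as a clean bill.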

MITRE ATT&CK Enterprise v15

Tasks