Overview

overview

8

Static

static

tasks_62.vir.exe

windows7_x64

8

tasks_62.vir.exe

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tasks_62.vir

  • Size

    149KB

  • Sample

    200719-zk4s6b3jtj

  • MD5

    c61aead90afb983a54d8a4785692130c

  • SHA1

    b880c3d0887d371ff8e731f479a046d13f5f732a

  • SHA256

    4346aab98348203c37445ca65e44656d69cc0175c89efa69d155c604901c6a14

  • SHA512

    769d08eb92622dbdfbc36b32fa5890ff4e41d7a4d43cf2387f9b0e83eb3c6e27fcdb1162396b6ee28501a0d2c8db2d6ea9b3a3812d7b0ef8a566c5e333c7e0c6

Score
8/10
persistence

Malware Config

Targets

    • Target

      tasks_62.vir

    • Size

      149KB

    • MD5

      c61aead90afb983a54d8a4785692130c

    • SHA1

      b880c3d0887d371ff8e731f479a046d13f5f732a

    • SHA256

      4346aab98348203c37445ca65e44656d69cc0175c89efa69d155c604901c6a14

    • SHA512

      769d08eb92622dbdfbc36b32fa5890ff4e41d7a4d43cf2387f9b0e83eb3c6e27fcdb1162396b6ee28501a0d2c8db2d6ea9b3a3812d7b0ef8a566c5e333c7e0c6

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks