General

  • Target

    SecuriteInfo.com.Trojan.GenericKD.43529991.18963.10385

  • Size

    1.1MB

  • Sample

    200801-7a3xtmxnha

  • MD5

    7e30a93f146632fb1f17202b76297bc9

  • SHA1

    178ca4abed0673ddb9a674d8f108c79f33099454

  • SHA256

    b7ae0f7d14ce9a3423d5424845c5e70ca17d14b13631f21396248cad04027a35

  • SHA512

    a2f865b4641dd48d4fa8fdf09e3b943b27047d585301e1bd9b246af12cb081a489b5f5e2735e77cab334dd627494a4bb9cf1081874a7b0bdb32b80d824a94c43

Score
8/10

Malware Config

Targets

    • Target

      SecuriteInfo.com.Trojan.GenericKD.43529991.18963.10385

    • Blacklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Matrix (ATT&CK v6)

  • Execution

    Scheduled Task (1) T1053

  • Persistence

    Registry Run Keys / Startup Folder (1) T1060

    Scheduled Task (1) T1053

  • Privilege Escalation

    Scheduled Task (1) T1053

  • Defense Evasion

    Modify Registry (1) T1112

Tasks