Overview

overview

10

Static

static

3

f2c97adde3...00.exe

windows7-x64

10

f2c97adde3...00.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f2c97adde35d9cf81cc510ed1e2c237eddf0707ae0904727f3a3114c625c9300

  • Size

    467KB

  • Sample

    240701-e6qz5azclp

  • MD5

    e728c978cd9889f4e554fda9a09cb810

  • SHA1

    d6f72047fac582c76beae503606e5801b3f0f722

  • SHA256

    f2c97adde35d9cf81cc510ed1e2c237eddf0707ae0904727f3a3114c625c9300

  • SHA512

    af331273d79c41d4a46aa58ae38244be520caa55d8f4ac8ef83184c206344dc0f2e841390c009b7ef8ad30acfeb715cceab9e126855f6d1e0a29a3776dd89be1

  • SSDEEP

    12288:goxjM2o8wEBW8wESByvNv54B9f01ZmHByvNv5:Vg2o8wqW8wQvr4B9f01ZmQvr

Score
10/10
persistence

Malware Config

Targets

    • Target

      f2c97adde35d9cf81cc510ed1e2c237eddf0707ae0904727f3a3114c625c9300

    • Size

      467KB

    • MD5

      e728c978cd9889f4e554fda9a09cb810

    • SHA1

      d6f72047fac582c76beae503606e5801b3f0f722

    • SHA256

      f2c97adde35d9cf81cc510ed1e2c237eddf0707ae0904727f3a3114c625c9300

    • SHA512

      af331273d79c41d4a46aa58ae38244be520caa55d8f4ac8ef83184c206344dc0f2e841390c009b7ef8ad30acfeb715cceab9e126855f6d1e0a29a3776dd89be1

    • SSDEEP

      12288:goxjM2o8wEBW8wESByvNv54B9f01ZmHByvNv5:Vg2o8wqW8wQvr4B9f01ZmQvr

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks