Overview

overview

10

Static

static

3

f346e4119c...b3.exe

windows7-x64

10

f346e4119c...b3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f346e4119c0b2d7344fe1e56a75b35a9be74a149cceb909735871ff54f1c7fb3

  • Size

    90KB

  • Sample

    240701-e7e91szcnl

  • MD5

    eba6f7be8a51a00b144ab286c4f526ec

  • SHA1

    91490a02f9c9fea765eaf3693833fa5cd7e5f416

  • SHA256

    f346e4119c0b2d7344fe1e56a75b35a9be74a149cceb909735871ff54f1c7fb3

  • SHA512

    ffd871d9ac1f842e677d100757f7aaa8ced2c3cf4497ce48c7d2d3b22ae4fcc620ad685c1b631504950c8f99403ffafd3f752e7159632576f1a2c2a3eb117063

  • SSDEEP

    1536:m6DKO/f6BbpTBNRYgXfSd1NPqYyG4u/Ub0VkVNK:6ekN1vInFyG4u/Ub0+NK

Score
10/10
persistence

Malware Config

Targets

    • Target

      f346e4119c0b2d7344fe1e56a75b35a9be74a149cceb909735871ff54f1c7fb3

    • Size

      90KB

    • MD5

      eba6f7be8a51a00b144ab286c4f526ec

    • SHA1

      91490a02f9c9fea765eaf3693833fa5cd7e5f416

    • SHA256

      f346e4119c0b2d7344fe1e56a75b35a9be74a149cceb909735871ff54f1c7fb3

    • SHA512

      ffd871d9ac1f842e677d100757f7aaa8ced2c3cf4497ce48c7d2d3b22ae4fcc620ad685c1b631504950c8f99403ffafd3f752e7159632576f1a2c2a3eb117063

    • SSDEEP

      1536:m6DKO/f6BbpTBNRYgXfSd1NPqYyG4u/Ub0VkVNK:6ekN1vInFyG4u/Ub0+NK

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks