Overview

overview

10

Static

static

3

e5970cbfc0...db.exe

windows7-x64

10

e5970cbfc0...db.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e5970cbfc05f325680562c74bb0dbf6843d9d4a0aafc7fdd1d13a3c2840782db

  • Size

    226KB

  • Sample

    240701-egpe1avhnf

  • MD5

    21805013b2da698ee76294c96a90cb91

  • SHA1

    b4d96d41cde11866e64dbe7fa2d2f2204327adfc

  • SHA256

    e5970cbfc05f325680562c74bb0dbf6843d9d4a0aafc7fdd1d13a3c2840782db

  • SHA512

    5058f2dd68ea726c1b60d9d57ca160e5b2493791cfe5d5bd3edf49c917e37a4b46b2cc9f36bf5dff4c4c943387132d64dbc522639a4bf580fc0590d79a40def1

  • SSDEEP

    6144:tnOKGszzUEXYmpXfxqySSKpRmSKeTk7eT5ABrnL8MdYg:5OJQz335IKrEAlnLAg

Score
10/10
persistence

Malware Config

Targets

    • Target

      e5970cbfc05f325680562c74bb0dbf6843d9d4a0aafc7fdd1d13a3c2840782db

    • Size

      226KB

    • MD5

      21805013b2da698ee76294c96a90cb91

    • SHA1

      b4d96d41cde11866e64dbe7fa2d2f2204327adfc

    • SHA256

      e5970cbfc05f325680562c74bb0dbf6843d9d4a0aafc7fdd1d13a3c2840782db

    • SHA512

      5058f2dd68ea726c1b60d9d57ca160e5b2493791cfe5d5bd3edf49c917e37a4b46b2cc9f36bf5dff4c4c943387132d64dbc522639a4bf580fc0590d79a40def1

    • SSDEEP

      6144:tnOKGszzUEXYmpXfxqySSKpRmSKeTk7eT5ABrnL8MdYg:5OJQz335IKrEAlnLAg

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks