Overview

overview

10

Static

static

3

e77d300736...be.exe

windows7-x64

10

e77d300736...be.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e77d3007367184662046ce2b05dad5c471fe392602b4254b5ba839c44c1756be

  • Size

    128KB

  • Sample

    240701-ek259swane

  • MD5

    6dae7cde96f68d55b46d7f9a60ff1ac1

  • SHA1

    9b835d979d8fe7e0a2b9a4fa69aed32f2c4c3e7e

  • SHA256

    e77d3007367184662046ce2b05dad5c471fe392602b4254b5ba839c44c1756be

  • SHA512

    9f2b9e9473f6a9f44c4493cda71b9623e07fbec33efab4ba14f8a1957f14b42d923b5ace6ea93c83f05bf2def88a82f49e104d80fb832c3c5c2700dff000394e

  • SSDEEP

    3072:gP7AdbCuIpDrFDHZtOgxBOXXwwfBoD6N3h8N5Gg:+AJtIf5tTDUZNSN57

Score
10/10
persistence

Malware Config

Targets

    • Target

      e77d3007367184662046ce2b05dad5c471fe392602b4254b5ba839c44c1756be

    • Size

      128KB

    • MD5

      6dae7cde96f68d55b46d7f9a60ff1ac1

    • SHA1

      9b835d979d8fe7e0a2b9a4fa69aed32f2c4c3e7e

    • SHA256

      e77d3007367184662046ce2b05dad5c471fe392602b4254b5ba839c44c1756be

    • SHA512

      9f2b9e9473f6a9f44c4493cda71b9623e07fbec33efab4ba14f8a1957f14b42d923b5ace6ea93c83f05bf2def88a82f49e104d80fb832c3c5c2700dff000394e

    • SSDEEP

      3072:gP7AdbCuIpDrFDHZtOgxBOXXwwfBoD6N3h8N5Gg:+AJtIf5tTDUZNSN57

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks