Overview

overview

10

Static

static

3

ed635d8778...8c.exe

windows7-x64

ed635d8778...8c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ed635d8778cf9b20eba95893d144678816f5b9c2d5511b018ff87acd59a2978c

  • Size

    1.9MB

  • Sample

    240701-ex5rxszakk

  • MD5

    a3ff438d23740077555ec54e44c597c8

  • SHA1

    b3b0b2e8960b9023ee8a0e4b074294de64b4811c

  • SHA256

    ed635d8778cf9b20eba95893d144678816f5b9c2d5511b018ff87acd59a2978c

  • SHA512

    4ffd6881b36beff7abbdf49be388c4e52aa0fc7e46582015ead8f49c082795ed1aaacd07d3f4c78053bb9bb3ab4938713eb25ebbdb2f83a821fe4b9ccd481d6c

  • SSDEEP

    6144:WTDnrCLNZIKr2n0MCRqJ++6yYEwPJ2kEe16L9Jww61EvBqc:WXCz+6CwUkEoILTAc

Score
10/10
persistence

Malware Config

Targets

    • Target

      ed635d8778cf9b20eba95893d144678816f5b9c2d5511b018ff87acd59a2978c

    • Size

      1.9MB

    • MD5

      a3ff438d23740077555ec54e44c597c8

    • SHA1

      b3b0b2e8960b9023ee8a0e4b074294de64b4811c

    • SHA256

      ed635d8778cf9b20eba95893d144678816f5b9c2d5511b018ff87acd59a2978c

    • SHA512

      4ffd6881b36beff7abbdf49be388c4e52aa0fc7e46582015ead8f49c082795ed1aaacd07d3f4c78053bb9bb3ab4938713eb25ebbdb2f83a821fe4b9ccd481d6c

    • SSDEEP

      6144:WTDnrCLNZIKr2n0MCRqJ++6yYEwPJ2kEe16L9Jww61EvBqc:WXCz+6CwUkEoILTAc

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks