Overview

overview

10

Static

static

3

4299881360...76.exe

windows7-x64

10

4299881360...76.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    429988136001076d3ac23c686c4823fbc47cbb7af8f189cf59f1471f0ec91776.exe

  • Size

    479KB

  • Sample

    240705-kh4tzavgkn

  • MD5

    e4f5445d28a7ccb5076cd53a5b24acb0

  • SHA1

    019ece9ec302ed11cc6ae17621fe1b4b237506db

  • SHA256

    429988136001076d3ac23c686c4823fbc47cbb7af8f189cf59f1471f0ec91776

  • SHA512

    89bad55f78f18c22db79bee7981dc70975ba16923ac89f56412418604a89404f56e5877f987ad473e11249e5d4417fc29e42e0867a247c56fd7f1b257320a90b

  • SSDEEP

    6144:PJZPVPOwXYrMdlvkGr0f+uPOwXYrMdl2MPnhd8+ZDI:PYwIaJwISfPI

Score
10/10
persistence

Malware Config

Targets

    • Target

      429988136001076d3ac23c686c4823fbc47cbb7af8f189cf59f1471f0ec91776.exe

    • Size

      479KB

    • MD5

      e4f5445d28a7ccb5076cd53a5b24acb0

    • SHA1

      019ece9ec302ed11cc6ae17621fe1b4b237506db

    • SHA256

      429988136001076d3ac23c686c4823fbc47cbb7af8f189cf59f1471f0ec91776

    • SHA512

      89bad55f78f18c22db79bee7981dc70975ba16923ac89f56412418604a89404f56e5877f987ad473e11249e5d4417fc29e42e0867a247c56fd7f1b257320a90b

    • SSDEEP

      6144:PJZPVPOwXYrMdlvkGr0f+uPOwXYrMdl2MPnhd8+ZDI:PYwIaJwISfPI

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks