efc8a598d15f50646444551c6ff08cea8c3a173f307ecc0b42aaa94d043fba3a | Triage

Sharing

General

Target

Exes_4a4608a2c2707b4dd2bc4b733ef4ef96.jpg
Size

1.1MB
Sample

190808-qgyxkjj7dx
MD5

4a4608a2c2707b4dd2bc4b733ef4ef96
SHA1

65f4afc13c28caf3fcf4e0e0921e3e152e9b8422
SHA256

efc8a598d15f50646444551c6ff08cea8c3a173f307ecc0b42aaa94d043fba3a
SHA512

88c85d7884f9ae0bfd140a77fb5a176e484e446c1e82e6f1c7ae9ce579c5801cbc7803b63d96c57be182abf2d185a6e7cd078f7a90de6ae576c35814673189e8

Score

N/A

Malware Config

Targets

- Target
  
  Exes_4a4608a2c2707b4dd2bc4b733ef4ef96.jpg
- Size
  
  1.1MB
- MD5
  
  4a4608a2c2707b4dd2bc4b733ef4ef96
- SHA1
  
  65f4afc13c28caf3fcf4e0e0921e3e152e9b8422
- SHA256
  
  efc8a598d15f50646444551c6ff08cea8c3a173f307ecc0b42aaa94d043fba3a
- SHA512
  
  88c85d7884f9ae0bfd140a77fb5a176e484e446c1e82e6f1c7ae9ce579c5801cbc7803b63d96c57be182abf2d185a6e7cd078f7a90de6ae576c35814673189e8
Score

N/A
- troldesh family
  family
- Loads dropped DLL
- Adds Run entry to start application
task1 task2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Execution through Module Load

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Obfuscated Files or Information

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

task1

task2