d832010182a986629db10bf429f85fe659265360964bee1cbec2947cfc597b00 | Triage

Sharing

General

Target

Exes_e1d7946e0431423da26d27e7fae00edf.jpg
Size

1.0MB
Sample

190824-szpqtsb8w6
MD5

e1d7946e0431423da26d27e7fae00edf
SHA1

f44ef7a71a8503d169e34fa9f80230b0f6cb36e2
SHA256

d832010182a986629db10bf429f85fe659265360964bee1cbec2947cfc597b00
SHA512

b211ffe1b419dacdfd8d17e4024e9f9eb3a8f384690fca4b8aa4715da28a25532891d666d988cb8aaa0811c1879c04d9ce475029bb3cc9404078c6373d37b9b3

Score

N/A

Malware Config

Targets

- Target
  
  Exes_e1d7946e0431423da26d27e7fae00edf.jpg
- Size
  
  1.0MB
- MD5
  
  e1d7946e0431423da26d27e7fae00edf
- SHA1
  
  f44ef7a71a8503d169e34fa9f80230b0f6cb36e2
- SHA256
  
  d832010182a986629db10bf429f85fe659265360964bee1cbec2947cfc597b00
- SHA512
  
  b211ffe1b419dacdfd8d17e4024e9f9eb3a8f384690fca4b8aa4715da28a25532891d666d988cb8aaa0811c1879c04d9ce475029bb3cc9404078c6373d37b9b3
Score

N/A
- troldesh family
  family
- Loads dropped DLL
- Adds Run entry to start application
task1 task2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Execution through Module Load

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Obfuscated Files or Information

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

task2