6616ae9d95e9fbeb73a82a636351439d05dd1ea98ae7fba044b791bef204998a | Triage

Sharing

General

Target

6616ae9d95e9fbeb73a82a636351439d05dd1ea98ae7fba044b791bef204998a
Size

35KB
Sample

191025-b725lg59z2
MD5

479962c61d569a9eb1956107fad2f5dd
SHA1

7ed44ddc313a70dc27d494fba3d7736294f827f4
SHA256

6616ae9d95e9fbeb73a82a636351439d05dd1ea98ae7fba044b791bef204998a
SHA512

24c7d248edd423a159e69de0e504cc572035c3647474663c5b234f0bfb70b6dec2b4cff72d3908fdb1ee1bc96965d7a42122162b4ae5794b2f530e76d626ad0e

Score

7^/10

Malware Config

Targets

- Target
  
  6616ae9d95e9fbeb73a82a636351439d05dd1ea98ae7fba044b791bef204998a
- Size
  
  35KB
- MD5
  
  479962c61d569a9eb1956107fad2f5dd
- SHA1
  
  7ed44ddc313a70dc27d494fba3d7736294f827f4
- SHA256
  
  6616ae9d95e9fbeb73a82a636351439d05dd1ea98ae7fba044b791bef204998a
- SHA512
  
  24c7d248edd423a159e69de0e504cc572035c3647474663c5b234f0bfb70b6dec2b4cff72d3908fdb1ee1bc96965d7a42122162b4ae5794b2f530e76d626ad0e
Score

7^/10
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
task1 task2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

task2