1369d06d493f805f55b4062437cfbcd9abec14c5ccb43189a0820bae280297e3 | Triage

Sharing

General

Target

1369d06d493f805f55b4062437cfbcd9abec14c5ccb43189a0820bae280297e3
Size

172KB
Sample

200729-1hxxjw24pa
MD5

169aaafbcc45bcc0ad01ccf74df8f5a8
SHA1

e8e922317325d2527ef75a35d16407d5f671f6cb
SHA256

1369d06d493f805f55b4062437cfbcd9abec14c5ccb43189a0820bae280297e3
SHA512

f4f4dc28aae507535d5b71fb092a2e9e0a0e3a3e463f9e17a9dee4214655bfb2900ec6b6eb0b8453418f0ae3bd51c2c2d08638baac0d8ce3f1cfeb43b8759461

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  1369d06d493f805f55b4062437cfbcd9abec14c5ccb43189a0820bae280297e3
- Size
  
  172KB
- MD5
  
  169aaafbcc45bcc0ad01ccf74df8f5a8
- SHA1
  
  e8e922317325d2527ef75a35d16407d5f671f6cb
- SHA256
  
  1369d06d493f805f55b4062437cfbcd9abec14c5ccb43189a0820bae280297e3
- SHA512
  
  f4f4dc28aae507535d5b71fb092a2e9e0a0e3a3e463f9e17a9dee4214655bfb2900ec6b6eb0b8453418f0ae3bd51c2c2d08638baac0d8ce3f1cfeb43b8759461
Score

8^/10

discovery persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

persistencediscovery