db1773d4d893fc155715bab87a74ee13daf7f2ab8330109f794b4520662cb6b5 | Triage

Sharing

General

Target

db1773d4d893fc155715bab87a74ee13daf7f2ab8330109f794b4520662cb6b5
Size

2.0MB
Sample

201108-x4fvqt95xj
MD5

c82e5ec1f5966dcedacca3f586d56688
SHA1

f2bbea2aeb5b348dff177d5351e7c499d6003a9d
SHA256

db1773d4d893fc155715bab87a74ee13daf7f2ab8330109f794b4520662cb6b5
SHA512

0fd19f49d76e2cbfd40858dcc1c22877a364af132b4da661eee61cf06569b9d2bbd8aaf6c9d3708e545fb23fd68c6e5d41898dae12d9ac7859b7ee52cfdf47e2

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  db1773d4d893fc155715bab87a74ee13daf7f2ab8330109f794b4520662cb6b5
- Size
  
  2.0MB
- MD5
  
  c82e5ec1f5966dcedacca3f586d56688
- SHA1
  
  f2bbea2aeb5b348dff177d5351e7c499d6003a9d
- SHA256
  
  db1773d4d893fc155715bab87a74ee13daf7f2ab8330109f794b4520662cb6b5
- SHA512
  
  0fd19f49d76e2cbfd40858dcc1c22877a364af132b4da661eee61cf06569b9d2bbd8aaf6c9d3708e545fb23fd68c6e5d41898dae12d9ac7859b7ee52cfdf47e2
Score

8^/10

discovery persistence
- Blacklisted process makes network request
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence