9ea8a99d30895b4f1a45cb8e2835e3bd227b862d007a235b3efb8db61c5e3178 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ea8a99d30895b4f1a45cb8e2835e3bd227b862d007a235b3efb8db61c5e3178
Size

1.0MB
Sample

220918-3rs3yafdf5
MD5

29b026b33920c83d7e2f7a9ec1b15b14
SHA1

bab12383ac8e4b8f4d72044731280192e7eeadff
SHA256

9ea8a99d30895b4f1a45cb8e2835e3bd227b862d007a235b3efb8db61c5e3178
SHA512

7b906d31e0c3a5995c693baa305472824eea541242a4d8a619f67b644ecec5924344e6a9b1e5a254df514a7f40434c91b2f9cc618341fd2d6e8ee81c4051dd2a
SSDEEP

24576:KV6oglapiJOUKdgvQNqL3tiBOBZxCq2G2nJU8F+9SZxp:KgNciJ+dgvPYoEq32nyQ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9ea8a99d30895b4f1a45cb8e2835e3bd227b862d007a235b3efb8db61c5e3178
- Size
  
  1.0MB
- MD5
  
  29b026b33920c83d7e2f7a9ec1b15b14
- SHA1
  
  bab12383ac8e4b8f4d72044731280192e7eeadff
- SHA256
  
  9ea8a99d30895b4f1a45cb8e2835e3bd227b862d007a235b3efb8db61c5e3178
- SHA512
  
  7b906d31e0c3a5995c693baa305472824eea541242a4d8a619f67b644ecec5924344e6a9b1e5a254df514a7f40434c91b2f9cc618341fd2d6e8ee81c4051dd2a
- SSDEEP
  
  24576:KV6oglapiJOUKdgvQNqL3tiBOBZxCq2G2nJU8F+9SZxp:KgNciJ+dgvPYoEq32nyQ
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2