51eae0cae9631c298edfd59acbe6b842944853662ad8dc0a32cf75ca35dd3f1e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51eae0cae9631c298edfd59acbe6b842944853662ad8dc0a32cf75ca35dd3f1e
Size

34KB
Sample

220919-scxsgadgh4
MD5

33afde704785f95a5c617d84959d8f9c
SHA1

97927afdeffbcc5e076251d113d28b5a90c6afab
SHA256

51eae0cae9631c298edfd59acbe6b842944853662ad8dc0a32cf75ca35dd3f1e
SHA512

a52b1750b446b1f4641518c02df6ec23d052a39ae3093909973f85ae88d1cedb215e0d7565dbea780b55cf97feb5a56a68c7d42f905a34362a3e07c3b09b4602
SSDEEP

768:eiQQkZDTbBwI72tszyuwyrNJgYhyAM67Q5B6xqRv+N17kE7ukR:DQQkpXBwI72tszNwcMYsGqRa7ksuY

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  51eae0cae9631c298edfd59acbe6b842944853662ad8dc0a32cf75ca35dd3f1e
- Size
  
  34KB
- MD5
  
  33afde704785f95a5c617d84959d8f9c
- SHA1
  
  97927afdeffbcc5e076251d113d28b5a90c6afab
- SHA256
  
  51eae0cae9631c298edfd59acbe6b842944853662ad8dc0a32cf75ca35dd3f1e
- SHA512
  
  a52b1750b446b1f4641518c02df6ec23d052a39ae3093909973f85ae88d1cedb215e0d7565dbea780b55cf97feb5a56a68c7d42f905a34362a3e07c3b09b4602
- SSDEEP
  
  768:eiQQkZDTbBwI72tszyuwyrNJgYhyAM67Q5B6xqRv+N17kE7ukR:DQQkpXBwI72tszNwcMYsGqRa7ksuY
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2