ea9f1fb80090d8e47af328eb5a7b7cdd3a057bfa8db48afa3cac3fb3f3854537 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea9f1fb80090d8e47af328eb5a7b7cdd3a057bfa8db48afa3cac3fb3f3854537
Size

295KB
Sample

220919-v8tf2aeefm
MD5

326ce2504ff45109d18509102b0f07a2
SHA1

9787ab410c8b0881a47d388316868a442ae7a3fe
SHA256

ea9f1fb80090d8e47af328eb5a7b7cdd3a057bfa8db48afa3cac3fb3f3854537
SHA512

97a4ac6a6261e2c9d88da32bed1c1723b5a77cca3e447d6514a01b9ce5a5e354c67e285200f3f6c25dc36c44c9dc6be8cf057a2cecb23a39c7ebe97405706f1b
SSDEEP

6144:XFOXUAadJYiso0/pitBvvmpsmwRog2ZBG1ScCGp3Fkh4:XAXU/neo0/pitBmpsmwR4ZB4CGp3Fk

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ea9f1fb80090d8e47af328eb5a7b7cdd3a057bfa8db48afa3cac3fb3f3854537
- Size
  
  295KB
- MD5
  
  326ce2504ff45109d18509102b0f07a2
- SHA1
  
  9787ab410c8b0881a47d388316868a442ae7a3fe
- SHA256
  
  ea9f1fb80090d8e47af328eb5a7b7cdd3a057bfa8db48afa3cac3fb3f3854537
- SHA512
  
  97a4ac6a6261e2c9d88da32bed1c1723b5a77cca3e447d6514a01b9ce5a5e354c67e285200f3f6c25dc36c44c9dc6be8cf057a2cecb23a39c7ebe97405706f1b
- SSDEEP
  
  6144:XFOXUAadJYiso0/pitBvvmpsmwRog2ZBG1ScCGp3Fkh4:XAXU/neo0/pitBmpsmwR4ZB4CGp3Fk
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2