fc408df4a351a2d19843ce79a479b692a905d73d2e48f4a56b770caa1d3125fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc408df4a351a2d19843ce79a479b692a905d73d2e48f4a56b770caa1d3125fa
Size

460KB
Sample

221002-nvm9jafabm
MD5

704b964b6614b860ab0b3c057d464455
SHA1

40a8217861edff16fb76cf335a30c2c6a203f586
SHA256

fc408df4a351a2d19843ce79a479b692a905d73d2e48f4a56b770caa1d3125fa
SHA512

b55d34f1172f4eb78964db32939c2f06042fd06dc982a038994fc1218620cbb019f4a622ccb03caaab79aacf68eee8c0f8d78d1cf5097aca814bdc6221f3bf74
SSDEEP

12288:ppLCnVtGQ6vRSDB4fkCmHQrBecfKZI1N:8ofHQaVfKZI1N

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fc408df4a351a2d19843ce79a479b692a905d73d2e48f4a56b770caa1d3125fa
- Size
  
  460KB
- MD5
  
  704b964b6614b860ab0b3c057d464455
- SHA1
  
  40a8217861edff16fb76cf335a30c2c6a203f586
- SHA256
  
  fc408df4a351a2d19843ce79a479b692a905d73d2e48f4a56b770caa1d3125fa
- SHA512
  
  b55d34f1172f4eb78964db32939c2f06042fd06dc982a038994fc1218620cbb019f4a622ccb03caaab79aacf68eee8c0f8d78d1cf5097aca814bdc6221f3bf74
- SSDEEP
  
  12288:ppLCnVtGQ6vRSDB4fkCmHQrBecfKZI1N:8ofHQaVfKZI1N
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2