d804a78194c2753943a7b14d28ea3d022a2d90f9ad82b4f4847f5a6e8ffec5e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d804a78194c2753943a7b14d28ea3d022a2d90f9ad82b4f4847f5a6e8ffec5e1
Size

392KB
Sample

221002-sczbasdbam
MD5

6fbe058da4dda77495d8424c4a49d080
SHA1

ef275d89366c758fd041576cd32430940a296f55
SHA256

d804a78194c2753943a7b14d28ea3d022a2d90f9ad82b4f4847f5a6e8ffec5e1
SHA512

c3439d648fe7d45d7fc5dd23988654ba0ee814492fdb03ef0a384fb4909827d4df0f672273fd234e1d2043fc99371a59c2d0768cfe44715df3e03a73be1e5282
SSDEEP

12288:NtKe6Zv23YdAPF84FpJmCMqLIR0em6qVp:d6Zv2xzYCPIRgdp

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d804a78194c2753943a7b14d28ea3d022a2d90f9ad82b4f4847f5a6e8ffec5e1
- Size
  
  392KB
- MD5
  
  6fbe058da4dda77495d8424c4a49d080
- SHA1
  
  ef275d89366c758fd041576cd32430940a296f55
- SHA256
  
  d804a78194c2753943a7b14d28ea3d022a2d90f9ad82b4f4847f5a6e8ffec5e1
- SHA512
  
  c3439d648fe7d45d7fc5dd23988654ba0ee814492fdb03ef0a384fb4909827d4df0f672273fd234e1d2043fc99371a59c2d0768cfe44715df3e03a73be1e5282
- SSDEEP
  
  12288:NtKe6Zv23YdAPF84FpJmCMqLIR0em6qVp:d6Zv2xzYCPIRgdp
Score

10^/10

persistence
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2