cd5bee4dea013c1be8803edbd8125f6dc813d290fb6e149ad2b6bdb16148d50f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd5bee4dea013c1be8803edbd8125f6dc813d290fb6e149ad2b6bdb16148d50f
Size

313KB
Sample

221004-bnvntafce3
MD5

38d29da733b44a9e1b5956038c3cf5b0
SHA1

1de92a644d4554c5a4950e73b4214d6b036b9661
SHA256

cd5bee4dea013c1be8803edbd8125f6dc813d290fb6e149ad2b6bdb16148d50f
SHA512

24da35acf400fd8ba06bfba94f261a4f8ff0c5e1792f089ed747ff2253107afb3c09cbf89c0a8caf38cc03e2d9a8aac76a88928ac42239217288fd9cb74e737f
SSDEEP

6144:A2+XmBH2sB5mIhng16U5qnFhcq4Sqruy2NB0NDVa4bnIW:9Dng1f5qsqArudveLn

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  cd5bee4dea013c1be8803edbd8125f6dc813d290fb6e149ad2b6bdb16148d50f
- Size
  
  313KB
- MD5
  
  38d29da733b44a9e1b5956038c3cf5b0
- SHA1
  
  1de92a644d4554c5a4950e73b4214d6b036b9661
- SHA256
  
  cd5bee4dea013c1be8803edbd8125f6dc813d290fb6e149ad2b6bdb16148d50f
- SHA512
  
  24da35acf400fd8ba06bfba94f261a4f8ff0c5e1792f089ed747ff2253107afb3c09cbf89c0a8caf38cc03e2d9a8aac76a88928ac42239217288fd9cb74e737f
- SSDEEP
  
  6144:A2+XmBH2sB5mIhng16U5qnFhcq4Sqruy2NB0NDVa4bnIW:9Dng1f5qsqArudveLn
Score

8^/10

evasion persistence
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2