9979483c5e1758d24a5c6cf2e50f409c18942835c7068c60dac5d555626be44e | Triage

Sharing

General

Target

9979483c5e1758d24a5c6cf2e50f409c18942835c7068c60dac5d555626be44e
Size

401KB
Sample

221009-nz6xfahahp
MD5

2349346ac1ae0a48b654f278ea6440f6
SHA1

bed6b1e00b71fc33eaf4f90655b8e02650f17e35
SHA256

9979483c5e1758d24a5c6cf2e50f409c18942835c7068c60dac5d555626be44e
SHA512

fedb455aff1f393ad827d5e6c6d4150982444dd0e199fd717fa5d987f00806c8808f1943eb791ba3e4862f08635c1056baf408b002131c2ecf73a8902f92e9d4
SSDEEP

12288:mrqcrS2Y0JmpPhyhin1Z9BU0ZPIo9rU/HFi0M:cS+k180U0ZPR3

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  DesktopOK桌面图标排列备份恢复.exe
- Size
  
  436KB
- MD5
  
  f930d303ea84da0598dec3242c934faa
- SHA1
  
  3d4847837f681970ba471bc4ccdfb466908a1b1c
- SHA256
  
  f6f5486621b12286e1cdced6d9ac05bacf85bfed70f78e790522c62e5f36f019
- SHA512
  
  9539795aa2bfa90777ca571e2c71d9a21b873297b9c10a57b008a7551e17138bcc51daec6f00a095aae41099071fbf8a3c52ae7503a59060713878a153780072
- SSDEEP
  
  12288:eEZI8tPfPrruvOtdHPtMOQ6XvH9v4pEhCT:eEDPSOQ6XvH9th2
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2