dff2e259f1c14058a985b9121938ac6ef7835302ce617faf0a26a9c80df1e9da | Triage

Sharing

General

Target

dff2e259f1c14058a985b9121938ac6ef7835302ce617faf0a26a9c80df1e9da
Size

260KB
Sample

221011-hagclaaebl
MD5

4987f529bdcff0dfc782c316bf23ab1b
SHA1

6f013b94e8b01816219762f5e41c1fe243cc25a9
SHA256

dff2e259f1c14058a985b9121938ac6ef7835302ce617faf0a26a9c80df1e9da
SHA512

d84bd0f503c951b66396023e93cc59db409e971e204b8e1ce474d81fb677715bfb1f1f1e2b671c48ce5ae8dcb84b010997b162f04dff6afe6fb9f85a4ebea31e
SSDEEP

6144:FM3pimKTzijA+cD3BsXTwF6tqDR/iDYiPvWVk9HaXjqlAtFS2OteRg/NGPeEC4V:UpvKXaMuJqDhiDYiPuGGaY42A0g/NQeo

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  dff2e259f1c14058a985b9121938ac6ef7835302ce617faf0a26a9c80df1e9da
- Size
  
  260KB
- MD5
  
  4987f529bdcff0dfc782c316bf23ab1b
- SHA1
  
  6f013b94e8b01816219762f5e41c1fe243cc25a9
- SHA256
  
  dff2e259f1c14058a985b9121938ac6ef7835302ce617faf0a26a9c80df1e9da
- SHA512
  
  d84bd0f503c951b66396023e93cc59db409e971e204b8e1ce474d81fb677715bfb1f1f1e2b671c48ce5ae8dcb84b010997b162f04dff6afe6fb9f85a4ebea31e
- SSDEEP
  
  6144:FM3pimKTzijA+cD3BsXTwF6tqDR/iDYiPvWVk9HaXjqlAtFS2OteRg/NGPeEC4V:UpvKXaMuJqDhiDYiPuGGaY42A0g/NQeo
Score

8^/10

persistence
- Blocklisted process makes network request
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2