dc49198bf6840760976482f20e992f494724dd6cd2f4e03ef798253a84e0600e | Triage

Sharing

General

Target

dc49198bf6840760976482f20e992f494724dd6cd2f4e03ef798253a84e0600e
Size

328KB
Sample

221011-hbpelaacf6
MD5

681e29af1a1ad0d68e45f3ee33007502
SHA1

03ba4dfdda5d1e0e87af9ef8d350f9fbfd207bdd
SHA256

dc49198bf6840760976482f20e992f494724dd6cd2f4e03ef798253a84e0600e
SHA512

78089323bbfeb1afbf30b74568d53db6c9b39fbeab7017746d21319a977c61eabc7300e4ff9bb1ab74ddcfb24387bd8967820c1902ac260c74c714ca80cc83d6
SSDEEP

6144:Wo6El4M0rGJc+6gpuJ3QJ6sftv4KZNWkbuutpEstD10T:EA4M0rGJuJ3QXKutCsR

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  dc49198bf6840760976482f20e992f494724dd6cd2f4e03ef798253a84e0600e
- Size
  
  328KB
- MD5
  
  681e29af1a1ad0d68e45f3ee33007502
- SHA1
  
  03ba4dfdda5d1e0e87af9ef8d350f9fbfd207bdd
- SHA256
  
  dc49198bf6840760976482f20e992f494724dd6cd2f4e03ef798253a84e0600e
- SHA512
  
  78089323bbfeb1afbf30b74568d53db6c9b39fbeab7017746d21319a977c61eabc7300e4ff9bb1ab74ddcfb24387bd8967820c1902ac260c74c714ca80cc83d6
- SSDEEP
  
  6144:Wo6El4M0rGJc+6gpuJ3QJ6sftv4KZNWkbuutpEstD10T:EA4M0rGJuJ3QXKutCsR
Score

10^/10

evasion persistence
- Modifies system executable filetype association
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2