529ad578dc1aa7acf531d61ecdb699f61e3ee4459d81431e9e9bdadb090605de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

529ad578dc1aa7acf531d61ecdb699f61e3ee4459d81431e9e9bdadb090605de
Size

140KB
Sample

221011-jmnswachfl
MD5

6aa746610fc491c0a60aa400c1fcbd20
SHA1

c28311da0e4ab04a236bc21c4d45f88a825eef28
SHA256

529ad578dc1aa7acf531d61ecdb699f61e3ee4459d81431e9e9bdadb090605de
SHA512

cd48c5094c2d158cdcb5993ecbd863a8c4d3502eb3ed6efc82613295bad5aa28b5c7993d660eec9a333a6c5272f7582918d06da14382571adfeaecdd45fbfa97
SSDEEP

3072:E5EbaYYVdtAN97WXzgyZLJk0zCnk+UCYoHj1P4Nm1:E54YVdtta+3CTj1PCm1

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  529ad578dc1aa7acf531d61ecdb699f61e3ee4459d81431e9e9bdadb090605de
- Size
  
  140KB
- MD5
  
  6aa746610fc491c0a60aa400c1fcbd20
- SHA1
  
  c28311da0e4ab04a236bc21c4d45f88a825eef28
- SHA256
  
  529ad578dc1aa7acf531d61ecdb699f61e3ee4459d81431e9e9bdadb090605de
- SHA512
  
  cd48c5094c2d158cdcb5993ecbd863a8c4d3502eb3ed6efc82613295bad5aa28b5c7993d660eec9a333a6c5272f7582918d06da14382571adfeaecdd45fbfa97
- SSDEEP
  
  3072:E5EbaYYVdtAN97WXzgyZLJk0zCnk+UCYoHj1P4Nm1:E54YVdtta+3CTj1PCm1
Score

8^/10

persistence
- Executes dropped EXE
- Modifies AppInit DLL entries
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2