cfd379f4cd6f30427f085a20aa96aa404f7a9745dba47625126503f2aec9008a | Triage

Sharing

General

Target

cfd379f4cd6f30427f085a20aa96aa404f7a9745dba47625126503f2aec9008a
Size

1.4MB
Sample

221011-tv21ksdeb5
MD5

00cf659d090128d7211df472c273be80
SHA1

df0aade9ea762ddf27a4178495e25e3f972e8e8e
SHA256

cfd379f4cd6f30427f085a20aa96aa404f7a9745dba47625126503f2aec9008a
SHA512

c2d95d0cfa8c530b7db14a43befe701447d6197f3b6e09097e46f4ba6f66a3c49c4712496a4973e0b3e76969d62cf09049b714f0f4ddc300893b27dbfc8574ec
SSDEEP

24576:zNmF/mnBoDM5f7F2JQRKZk+61i5cCPWZj+VhL8OamPRKplJfVXT24WTEvzHJDsY:zYVZo5TcJQqk+61i5cYWZjSTDPYtfVjv

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  cfd379f4cd6f30427f085a20aa96aa404f7a9745dba47625126503f2aec9008a
- Size
  
  1.4MB
- MD5
  
  00cf659d090128d7211df472c273be80
- SHA1
  
  df0aade9ea762ddf27a4178495e25e3f972e8e8e
- SHA256
  
  cfd379f4cd6f30427f085a20aa96aa404f7a9745dba47625126503f2aec9008a
- SHA512
  
  c2d95d0cfa8c530b7db14a43befe701447d6197f3b6e09097e46f4ba6f66a3c49c4712496a4973e0b3e76969d62cf09049b714f0f4ddc300893b27dbfc8574ec
- SSDEEP
  
  24576:zNmF/mnBoDM5f7F2JQRKZk+61i5cCPWZj+VhL8OamPRKplJfVXT24WTEvzHJDsY:zYVZo5TcJQqk+61i5cYWZjSTDPYtfVjv
Score

8^/10

discovery exploit
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit