6e212157b5dfb4e68f59120567e864f4612039f60ce72841cf830c6c5ea3f454 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e212157b5dfb4e68f59120567e864f4612039f60ce72841cf830c6c5ea3f454
Size

268KB
Sample

221019-2j4c9sbedj
MD5

829a386d65bd0a4dc8b48a7ad5a6fdb2
SHA1

4b7c7e773cc6c4e95f86ae504727c43dcdca2967
SHA256

6e212157b5dfb4e68f59120567e864f4612039f60ce72841cf830c6c5ea3f454
SHA512

521bcf45dab0a7cde3c106f1297d0bb9a2e93ea367f304236579ef66b8945540d5467a4ddfcebc8c4dd8ffdfba9cec97725ff1150eae4e715ae7ecc65a7ef643
SSDEEP

6144:RGyJKeYysrZNCaBVIvIbjtPNcPxKQvVFS9JV7:wymiaBevA/4KQvVQ9L7

Score

8^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  6e212157b5dfb4e68f59120567e864f4612039f60ce72841cf830c6c5ea3f454
- Size
  
  268KB
- MD5
  
  829a386d65bd0a4dc8b48a7ad5a6fdb2
- SHA1
  
  4b7c7e773cc6c4e95f86ae504727c43dcdca2967
- SHA256
  
  6e212157b5dfb4e68f59120567e864f4612039f60ce72841cf830c6c5ea3f454
- SHA512
  
  521bcf45dab0a7cde3c106f1297d0bb9a2e93ea367f304236579ef66b8945540d5467a4ddfcebc8c4dd8ffdfba9cec97725ff1150eae4e715ae7ecc65a7ef643
- SSDEEP
  
  6144:RGyJKeYysrZNCaBVIvIbjtPNcPxKQvVFS9JV7:wymiaBevA/4KQvVQ9L7
Score

8^/10

discovery evasion persistence
- Stops running service(s)
  evasion
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence