fed808a86b8ffeaa1ab6a94d8721dc0bd87a356f5234d7bbc7128730848a171f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fed808a86b8ffeaa1ab6a94d8721dc0bd87a356f5234d7bbc7128730848a171f
Size

105KB
Sample

221019-tnrk9sfcb9
MD5

a1bb0b746a69092107f4be3e8390d080
SHA1

61152582f9355e08e0e453cd3846fbb4997196bc
SHA256

fed808a86b8ffeaa1ab6a94d8721dc0bd87a356f5234d7bbc7128730848a171f
SHA512

1c82adb75de5785f6eeeb503121eaafab129d674dd1d77a715661fbafee1339193fe378d3d6b2c97419887e6bbaf16ccbb2f6a1e8b14b79af7db059b5f70e290
SSDEEP

3072:NU+W+qNo3e9Sy/WuRa8167jsDDeLuuDssiZ44G:S+WJ9SHuRad7jsDDezssJ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fed808a86b8ffeaa1ab6a94d8721dc0bd87a356f5234d7bbc7128730848a171f
- Size
  
  105KB
- MD5
  
  a1bb0b746a69092107f4be3e8390d080
- SHA1
  
  61152582f9355e08e0e453cd3846fbb4997196bc
- SHA256
  
  fed808a86b8ffeaa1ab6a94d8721dc0bd87a356f5234d7bbc7128730848a171f
- SHA512
  
  1c82adb75de5785f6eeeb503121eaafab129d674dd1d77a715661fbafee1339193fe378d3d6b2c97419887e6bbaf16ccbb2f6a1e8b14b79af7db059b5f70e290
- SSDEEP
  
  3072:NU+W+qNo3e9Sy/WuRa8167jsDDeLuuDssiZ44G:S+WJ9SHuRad7jsDDezssJ
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2