0270c6f93258e6b7c079c1dd0114ebf8846bd5a3a1cd375b875195a280bada05 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0270c6f93258e6b7c079c1dd0114ebf8846bd5a3a1cd375b875195a280bada05
Size

229KB
Sample

221019-zrfk3aged4
MD5

a0d620a0cab01b9dc1e505c2d6a810b0
SHA1

5e5bf4e666b8c1746fbd5ee9e578e75ffcc454d7
SHA256

0270c6f93258e6b7c079c1dd0114ebf8846bd5a3a1cd375b875195a280bada05
SHA512

b30a84baae78e730d836c720cdf4de69c48a81709466adce7df80fc33526faeecf34103a4b8528824805014d0ea70b5367a43b4714218c307cc242017338345c
SSDEEP

3072:2DPhT7lKbVfldRMtyyYyzwCv2gs3+7K75pP:2DR7lKbtlMg/yzNG+7K75pP

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  0270c6f93258e6b7c079c1dd0114ebf8846bd5a3a1cd375b875195a280bada05
- Size
  
  229KB
- MD5
  
  a0d620a0cab01b9dc1e505c2d6a810b0
- SHA1
  
  5e5bf4e666b8c1746fbd5ee9e578e75ffcc454d7
- SHA256
  
  0270c6f93258e6b7c079c1dd0114ebf8846bd5a3a1cd375b875195a280bada05
- SHA512
  
  b30a84baae78e730d836c720cdf4de69c48a81709466adce7df80fc33526faeecf34103a4b8528824805014d0ea70b5367a43b4714218c307cc242017338345c
- SSDEEP
  
  3072:2DPhT7lKbVfldRMtyyYyzwCv2gs3+7K75pP:2DR7lKbtlMg/yzNG+7K75pP
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2