a4da5df3fadd84e9a34ed104350110140d203d712edbbe04545b91e46b8e6d39 | Triage

Sharing

General

Target

a4da5df3fadd84e9a34ed104350110140d203d712edbbe04545b91e46b8e6d39
Size

270KB
Sample

221020-1jl9bafgh5
MD5

96e9f63203c94e033ba8d9dbdccdf755
SHA1

14da76aa8bf9da771cb767534bf9ceecf65ec244
SHA256

a4da5df3fadd84e9a34ed104350110140d203d712edbbe04545b91e46b8e6d39
SHA512

6d70a9fae8ae3e79d89ade69491e36bde1c22a679918fa45ec7031badd713ae8b9408a88e0e88f157104cba367f4de26ef06e4be13b6b5b17464fb1f78162359
SSDEEP

6144:MRAhhJxX7bNIAROzTuaPUD8XRuf0b4mt/HLIhTWRlb3nZbgI+:UsAAPaPUD18t/HkSlblY

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a4da5df3fadd84e9a34ed104350110140d203d712edbbe04545b91e46b8e6d39
- Size
  
  270KB
- MD5
  
  96e9f63203c94e033ba8d9dbdccdf755
- SHA1
  
  14da76aa8bf9da771cb767534bf9ceecf65ec244
- SHA256
  
  a4da5df3fadd84e9a34ed104350110140d203d712edbbe04545b91e46b8e6d39
- SHA512
  
  6d70a9fae8ae3e79d89ade69491e36bde1c22a679918fa45ec7031badd713ae8b9408a88e0e88f157104cba367f4de26ef06e4be13b6b5b17464fb1f78162359
- SSDEEP
  
  6144:MRAhhJxX7bNIAROzTuaPUD8XRuf0b4mt/HLIhTWRlb3nZbgI+:UsAAPaPUD18t/HkSlblY
Score

10^/10

persistence
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2