b2319dc130db1a832d121c0660fde68b19d5cbdfefade451eb36e4d39fd15f7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2319dc130db1a832d121c0660fde68b19d5cbdfefade451eb36e4d39fd15f7f
Size

18KB
Sample

221020-1kntjafhd8
MD5

81891db226e741d5e8215ec03006ce20
SHA1

36b518cc063d405d3ab974699214cee558d610c1
SHA256

b2319dc130db1a832d121c0660fde68b19d5cbdfefade451eb36e4d39fd15f7f
SHA512

7a7193887a8d9037bd8da11f87194deb5ce0093e02a0ca8d53643ed231c68dd5d6c7f21243276311ec4350189f08539b8674bdf4d82617bfb3229c4f89472631
SSDEEP

384:RhwtHOYYtlWbK+/igSvIkuJWlPjaCPzWRj:XYRY7XQigS3uAds

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b2319dc130db1a832d121c0660fde68b19d5cbdfefade451eb36e4d39fd15f7f
- Size
  
  18KB
- MD5
  
  81891db226e741d5e8215ec03006ce20
- SHA1
  
  36b518cc063d405d3ab974699214cee558d610c1
- SHA256
  
  b2319dc130db1a832d121c0660fde68b19d5cbdfefade451eb36e4d39fd15f7f
- SHA512
  
  7a7193887a8d9037bd8da11f87194deb5ce0093e02a0ca8d53643ed231c68dd5d6c7f21243276311ec4350189f08539b8674bdf4d82617bfb3229c4f89472631
- SSDEEP
  
  384:RhwtHOYYtlWbK+/igSvIkuJWlPjaCPzWRj:XYRY7XQigS3uAds
Score

8^/10

persistence
- Executes dropped EXE
- Sets service image path in registry
  persistence
- Deletes itself
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2