d1f5f6a8bf5b32ce93d6ab4e0a1e382e2e6d89866386519f34bac4bacbf7b6db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1f5f6a8bf5b32ce93d6ab4e0a1e382e2e6d89866386519f34bac4bacbf7b6db
Size

310KB
Sample

221020-x67a8abddk
MD5

90262a6ff9af6a9dc3d376144d7154a0
SHA1

5d31dde9a7ebad893a48eb581debae7fa6e84a3e
SHA256

d1f5f6a8bf5b32ce93d6ab4e0a1e382e2e6d89866386519f34bac4bacbf7b6db
SHA512

ef49993695b4a5a5d9666bafda85896d707f386a458c21220b3ba5e328e7fbc03e436006f47528de097d84edd4ffd44dfd3cc33e64f77d5df085b63a2310c4a6
SSDEEP

6144:xX6m4UWD6Yh6Fzt1RaPEOiyOdlzTx7urTWvD:FKUHMoraPEOiyOdlzTx7u2v

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  d1f5f6a8bf5b32ce93d6ab4e0a1e382e2e6d89866386519f34bac4bacbf7b6db
- Size
  
  310KB
- MD5
  
  90262a6ff9af6a9dc3d376144d7154a0
- SHA1
  
  5d31dde9a7ebad893a48eb581debae7fa6e84a3e
- SHA256
  
  d1f5f6a8bf5b32ce93d6ab4e0a1e382e2e6d89866386519f34bac4bacbf7b6db
- SHA512
  
  ef49993695b4a5a5d9666bafda85896d707f386a458c21220b3ba5e328e7fbc03e436006f47528de097d84edd4ffd44dfd3cc33e64f77d5df085b63a2310c4a6
- SSDEEP
  
  6144:xX6m4UWD6Yh6Fzt1RaPEOiyOdlzTx7urTWvD:FKUHMoraPEOiyOdlzTx7u2v
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence