80294bbf892b49e89a2c512256129d195f66b02656279bcfda1b71d8b4441e98 | Triage

Sharing

General

Target

80294bbf892b49e89a2c512256129d195f66b02656279bcfda1b71d8b4441e98
Size

30KB
Sample

221020-yrz42acff2
MD5

a039996e0fee6244d4ca29c7007af0e0
SHA1

ea685fae86928027a808b58adc9abf721f82631d
SHA256

80294bbf892b49e89a2c512256129d195f66b02656279bcfda1b71d8b4441e98
SHA512

8a590e1cdea473e6426c3f4de198d1cf93b90303ea699ce8ef430483ae8d872baf2a4fcb710016ddadebaa6bc0408f3aae64729ec929d2e57c525555d08bb3f5
SSDEEP

768:YgGVLx5kHFc6DYk/kMAfW40Vl5Pq0z32JfWY:YH950FcOEMAfB0dq42fWY

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  80294bbf892b49e89a2c512256129d195f66b02656279bcfda1b71d8b4441e98
- Size
  
  30KB
- MD5
  
  a039996e0fee6244d4ca29c7007af0e0
- SHA1
  
  ea685fae86928027a808b58adc9abf721f82631d
- SHA256
  
  80294bbf892b49e89a2c512256129d195f66b02656279bcfda1b71d8b4441e98
- SHA512
  
  8a590e1cdea473e6426c3f4de198d1cf93b90303ea699ce8ef430483ae8d872baf2a4fcb710016ddadebaa6bc0408f3aae64729ec929d2e57c525555d08bb3f5
- SSDEEP
  
  768:YgGVLx5kHFc6DYk/kMAfW40Vl5Pq0z32JfWY:YH950FcOEMAfB0dq42fWY
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2