c7739b8c31104d2c1ee1a600e797d5a21de0951b6a5e53a9724d91c68b40a5f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7739b8c31104d2c1ee1a600e797d5a21de0951b6a5e53a9724d91c68b40a5f0
Size

29KB
Sample

221021-eb56kaaffm
MD5

5c5e9e6599de61021dfbcdf0f13001b0
SHA1

5674f03e062de5648991a75ef0bd4cf887714d6c
SHA256

c7739b8c31104d2c1ee1a600e797d5a21de0951b6a5e53a9724d91c68b40a5f0
SHA512

6d8bd133208b031fd8973849ab3b78096b3fda4a2338b20d195e034cd58ee5c2d0aa59c9862e904509ee723536e5670852329ba050a5eae8089fc0f6a4dffb78
SSDEEP

384:XlTlqdHX6yjJsugzW7gocBwWnHhejcjUdJIrg+LPgHanBYA7+fLITB:XlJG36mJY0gocXnBpjUZsYVTf0T

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  c7739b8c31104d2c1ee1a600e797d5a21de0951b6a5e53a9724d91c68b40a5f0
- Size
  
  29KB
- MD5
  
  5c5e9e6599de61021dfbcdf0f13001b0
- SHA1
  
  5674f03e062de5648991a75ef0bd4cf887714d6c
- SHA256
  
  c7739b8c31104d2c1ee1a600e797d5a21de0951b6a5e53a9724d91c68b40a5f0
- SHA512
  
  6d8bd133208b031fd8973849ab3b78096b3fda4a2338b20d195e034cd58ee5c2d0aa59c9862e904509ee723536e5670852329ba050a5eae8089fc0f6a4dffb78
- SSDEEP
  
  384:XlTlqdHX6yjJsugzW7gocBwWnHhejcjUdJIrg+LPgHanBYA7+fLITB:XlJG36mJY0gocXnBpjUZsYVTf0T
Score

10^/10

evasion persistence
- Modifies system executable filetype association
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Sets DLL path for service in the registry
  persistence
- Sets service image path in registry
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence