59e2617773fc62d221392be998df64a829adacba0afce7147daf201c6950f2ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59e2617773fc62d221392be998df64a829adacba0afce7147daf201c6950f2ff
Size

88KB
Sample

221021-fmz95achdl
MD5

6e58fe78e2596597e286c25863c63407
SHA1

420604848a40eaa769af77938ddf5197f45624f6
SHA256

59e2617773fc62d221392be998df64a829adacba0afce7147daf201c6950f2ff
SHA512

2103200796d66cc43ae1eae2a994ed8e2f51d87a1f829a2e1e8cc5f23e2611af62113a3e5bf3d78ed83a089819ee1e2208b48c35258ec179132c526371948f0d
SSDEEP

1536:yh6W3nLW8/QEr2xXaH53MI5A4p+ix+FEHPrOIu6yNev:W6mlqp0cICi+5Iu6F

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  59e2617773fc62d221392be998df64a829adacba0afce7147daf201c6950f2ff
- Size
  
  88KB
- MD5
  
  6e58fe78e2596597e286c25863c63407
- SHA1
  
  420604848a40eaa769af77938ddf5197f45624f6
- SHA256
  
  59e2617773fc62d221392be998df64a829adacba0afce7147daf201c6950f2ff
- SHA512
  
  2103200796d66cc43ae1eae2a994ed8e2f51d87a1f829a2e1e8cc5f23e2611af62113a3e5bf3d78ed83a089819ee1e2208b48c35258ec179132c526371948f0d
- SSDEEP
  
  1536:yh6W3nLW8/QEr2xXaH53MI5A4p+ix+FEHPrOIu6yNev:W6mlqp0cICi+5Iu6F
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2