beatdrop | 95bbd494cecc25a422fa35912ec2365f3200d5a18ea4bfad5566432eb0834f9f | Triage

Resubmissions

27-10-2022 16:10

221027-tmnszscfh6 10

13-04-2022 09:32

220413-lhmfcsahbk 8

Sharing

General

Target

IconCacheService.dll
Size

248KB
Sample

221027-tmnszscfh6
MD5

e031c9984f65a9060ec1e70fbb84746b
SHA1

b01950ed9b1929fee04a9c23ac49e3de89e37228
SHA256

95bbd494cecc25a422fa35912ec2365f3200d5a18ea4bfad5566432eb0834f9f
SHA512

5dd1f004516b9fc0f0c36bca22dafaed9103191ebeea291e8d6f32f9b01b77fb18a0c4c5d04bd760a38651380a3680ede8b07f3d522f710b3df228ac8d934a2b
SSDEEP

6144:Gv77pPt5CRJRYHdhtxESU6FmixSG8aKUBYA/D1Q:GvX5C/qdhMZpG8a2A5Q

Score

10^/10

beatdrop persistence

Malware Config

Targets

- Target
  
  IconCacheService.dll
- Size
  
  248KB
- MD5
  
  e031c9984f65a9060ec1e70fbb84746b
- SHA1
  
  b01950ed9b1929fee04a9c23ac49e3de89e37228
- SHA256
  
  95bbd494cecc25a422fa35912ec2365f3200d5a18ea4bfad5566432eb0834f9f
- SHA512
  
  5dd1f004516b9fc0f0c36bca22dafaed9103191ebeea291e8d6f32f9b01b77fb18a0c4c5d04bd760a38651380a3680ede8b07f3d522f710b3df228ac8d934a2b
- SSDEEP
  
  6144:Gv77pPt5CRJRYHdhtxESU6FmixSG8aKUBYA/D1Q:GvX5C/qdhMZpG8a2A5Q
Score

8^/10

persistence
- Blocklisted process makes network request
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2