421e6bbb3b1c9d805e705b71d54fd58e60cf4f8118cc07ac5346bb6693d9daa3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

421e6bbb3b1c9d805e705b71d54fd58e60cf4f8118cc07ac5346bb6693d9daa3
Size

160KB
Sample

221028-2crqwsacgq
MD5

0ae77f59a88d7bedbaa31ff84e2f76c8
SHA1

6e483414d1d1d0e0ca18dbab7ff0c42ccb831148
SHA256

421e6bbb3b1c9d805e705b71d54fd58e60cf4f8118cc07ac5346bb6693d9daa3
SHA512

5e61e1b2f558f3567245b0d4eb34e898b6a1f16149e4f929bb20b0f8fc22bc5473cb91fa6328889b3b16ff009fb4d2a69862d277d7160533bdbf80d87cb08cd6
SSDEEP

1536:6Kadxj0YNsLDQwxKtOGgiUy8U4+BK++nL8:HWxNsLD5brPU4sK+6L8

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  421e6bbb3b1c9d805e705b71d54fd58e60cf4f8118cc07ac5346bb6693d9daa3
- Size
  
  160KB
- MD5
  
  0ae77f59a88d7bedbaa31ff84e2f76c8
- SHA1
  
  6e483414d1d1d0e0ca18dbab7ff0c42ccb831148
- SHA256
  
  421e6bbb3b1c9d805e705b71d54fd58e60cf4f8118cc07ac5346bb6693d9daa3
- SHA512
  
  5e61e1b2f558f3567245b0d4eb34e898b6a1f16149e4f929bb20b0f8fc22bc5473cb91fa6328889b3b16ff009fb4d2a69862d277d7160533bdbf80d87cb08cd6
- SSDEEP
  
  1536:6Kadxj0YNsLDQwxKtOGgiUy8U4+BK++nL8:HWxNsLD5brPU4sK+6L8
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2