88f96d5977ace868f03998c2c8bd5de1d1e4e1881192c0b96e52f700745f381e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88f96d5977ace868f03998c2c8bd5de1d1e4e1881192c0b96e52f700745f381e
Size

2.6MB
Sample

221029-c1tsqahdgj
MD5

08301ec0f33a91a47af71966bf2d1fc6
SHA1

07fd63090d5bcf6e03226953659513d22f4bb0cb
SHA256

88f96d5977ace868f03998c2c8bd5de1d1e4e1881192c0b96e52f700745f381e
SHA512

7da4c6404fd905f5d94aadd0dc87dd8e0e850a6dae24df28e37734cbdeadac001787cc190530685a225cd4f73cc7bae37daf6c4893a84634fa776390ada8786c
SSDEEP

49152:H/bHw4fnK5Rja8s70EHvsWywd/eTiP47xHCj59:H/bHw4PKPs70sjd/zP47xij5

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  88f96d5977ace868f03998c2c8bd5de1d1e4e1881192c0b96e52f700745f381e
- Size
  
  2.6MB
- MD5
  
  08301ec0f33a91a47af71966bf2d1fc6
- SHA1
  
  07fd63090d5bcf6e03226953659513d22f4bb0cb
- SHA256
  
  88f96d5977ace868f03998c2c8bd5de1d1e4e1881192c0b96e52f700745f381e
- SHA512
  
  7da4c6404fd905f5d94aadd0dc87dd8e0e850a6dae24df28e37734cbdeadac001787cc190530685a225cd4f73cc7bae37daf6c4893a84634fa776390ada8786c
- SSDEEP
  
  49152:H/bHw4fnK5Rja8s70EHvsWywd/eTiP47xHCj59:H/bHw4PKPs70sjd/zP47xij5
Score

8^/10

discovery persistence
- Blocklisted process makes network request
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2