aa8ee65a6aeac42c1f8cee56698e37f04232fdda7c55254e2298b445a5ff048f | Triage

Sharing

General

Target

aa8ee65a6aeac42c1f8cee56698e37f04232fdda7c55254e2298b445a5ff048f
Size

198KB
Sample

221030-1814rsdac4
MD5

a134c1aa25e2134f76c40591cae70ff0
SHA1

a93d183c03f31d75b0bedafc80fbff26aadb0174
SHA256

aa8ee65a6aeac42c1f8cee56698e37f04232fdda7c55254e2298b445a5ff048f
SHA512

772446e674f22f6413d463dde2c9de46ea346c0e7d4fc2740d0e18ade266b297e38f906d385e972bb85a650a04a951261f4fffc4b8309989a472a8bf73332081
SSDEEP

3072:nBI5ArKGCnhgU1XA+ArXjeaMoh6lgUaVwQ+/76bSSN+PS7VyoCeJ6ikzG26LOUp:nK5ArKjbAxXSaegUqGeGpBohMzi

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  aa8ee65a6aeac42c1f8cee56698e37f04232fdda7c55254e2298b445a5ff048f
- Size
  
  198KB
- MD5
  
  a134c1aa25e2134f76c40591cae70ff0
- SHA1
  
  a93d183c03f31d75b0bedafc80fbff26aadb0174
- SHA256
  
  aa8ee65a6aeac42c1f8cee56698e37f04232fdda7c55254e2298b445a5ff048f
- SHA512
  
  772446e674f22f6413d463dde2c9de46ea346c0e7d4fc2740d0e18ade266b297e38f906d385e972bb85a650a04a951261f4fffc4b8309989a472a8bf73332081
- SSDEEP
  
  3072:nBI5ArKGCnhgU1XA+ArXjeaMoh6lgUaVwQ+/76bSSN+PS7VyoCeJ6ikzG26LOUp:nK5ArKjbAxXSaegUqGeGpBohMzi
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2