d06b2166262de93363aa381ee6e86b301a226f1e2ba27f611bf341fbe4500bb8 | Triage

Sharing

General

Target

d06b2166262de93363aa381ee6e86b301a226f1e2ba27f611bf341fbe4500bb8
Size

296KB
Sample

221030-n6345aagdm
MD5

93148a5f01fbeb2acf96a7e7d37d49be
SHA1

8b03804dcc96334c01985fb99bce2ac9770df535
SHA256

d06b2166262de93363aa381ee6e86b301a226f1e2ba27f611bf341fbe4500bb8
SHA512

73c3a2e61cd81f15041eecb94fb546223e129e9a6dba66bf07a193e59c75871385f6415cec2fc83124a37f5b565094cde69ee0b1e738db006da7c783739285f0
SSDEEP

6144:Bx+pdQKTZfeyRuh/GgtnmJxzUH2zvP6srbUxhaV3P2N6ro:Bx+pdQUxeyRudGgtmJxzs2rP6q6oV3PO

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  d06b2166262de93363aa381ee6e86b301a226f1e2ba27f611bf341fbe4500bb8
- Size
  
  296KB
- MD5
  
  93148a5f01fbeb2acf96a7e7d37d49be
- SHA1
  
  8b03804dcc96334c01985fb99bce2ac9770df535
- SHA256
  
  d06b2166262de93363aa381ee6e86b301a226f1e2ba27f611bf341fbe4500bb8
- SHA512
  
  73c3a2e61cd81f15041eecb94fb546223e129e9a6dba66bf07a193e59c75871385f6415cec2fc83124a37f5b565094cde69ee0b1e738db006da7c783739285f0
- SSDEEP
  
  6144:Bx+pdQKTZfeyRuh/GgtnmJxzUH2zvP6srbUxhaV3P2N6ro:Bx+pdQUxeyRudGgtmJxzs2rP6q6oV3PO
Score

10^/10

evasion persistence
- Modifies system executable filetype association
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2