f5faf1f6336d82c464b59af3e68141fa2fcdb43804f30ec258c09b11c486d58b | Triage

Resubmissions

04/11/2022, 00:03

221104-ab3m8ahad3 8

03/11/2022, 22:19

221103-18qyssgab7 8

Sharing

General

Target

f5faf1f6336d82c464b59af3e68141fa2fcdb43804f30ec258c09b11c486d58b
Size

488KB
Sample

221103-18qyssgab7
MD5

101751c5caf15d750da338680c522213
SHA1

54baeefa69f320204bb6ca113da920d2ec90396d
SHA256

f5faf1f6336d82c464b59af3e68141fa2fcdb43804f30ec258c09b11c486d58b
SHA512

4109255401d059470f682533855728323ddf25981b09705e88fcd2a3cb2b8107e6dcb90d866ed730b3cbf28228af9f9a47a3d366bce3f8c3b78449fd74a0de66
SSDEEP

12288:xZYp1Scdg1IVZQLvqK/lGRgOUqmq9kR6lhKXE4bpZhrsRbl:46c21IVZQLvqK/cRgOnmq9g6HkjBsRh

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  f5faf1f6336d82c464b59af3e68141fa2fcdb43804f30ec258c09b11c486d58b
- Size
  
  488KB
- MD5
  
  101751c5caf15d750da338680c522213
- SHA1
  
  54baeefa69f320204bb6ca113da920d2ec90396d
- SHA256
  
  f5faf1f6336d82c464b59af3e68141fa2fcdb43804f30ec258c09b11c486d58b
- SHA512
  
  4109255401d059470f682533855728323ddf25981b09705e88fcd2a3cb2b8107e6dcb90d866ed730b3cbf28228af9f9a47a3d366bce3f8c3b78449fd74a0de66
- SSDEEP
  
  12288:xZYp1Scdg1IVZQLvqK/lGRgOUqmq9kR6lhKXE4bpZhrsRbl:46c21IVZQLvqK/cRgOnmq9g6HkjBsRh
Score

8^/10

discovery
- Executes dropped EXE
- Modifies file permissions
  discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2