1b59cdb5febc933a3ae26b6361f1d0d3492ce85c1fa9b8343852359439903bce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b59cdb5febc933a3ae26b6361f1d0d3492ce85c1fa9b8343852359439903bce
Size

38KB
Sample

221106-e2fzcsehen
MD5

103b81c71b1b7fe734658b60088c65b6
SHA1

24f754e259be5c3ee82460c6322d8df9dfe1e044
SHA256

1b59cdb5febc933a3ae26b6361f1d0d3492ce85c1fa9b8343852359439903bce
SHA512

5e5d8403cf4182a858c4989cc3309aec9b20af02db584b890f8a145b0cc8b18597a00598e092607f16d8eee4ab33cefaf0af534ce9da8bc2245678ed2983d9a3
SSDEEP

768:jwKT1cZrs2IL/8kGOTCPfKYJpxg+dR6N8kXGMsPBV2OW:cKT1MED8kGECv7TdRq8kXGMggf

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1b59cdb5febc933a3ae26b6361f1d0d3492ce85c1fa9b8343852359439903bce
- Size
  
  38KB
- MD5
  
  103b81c71b1b7fe734658b60088c65b6
- SHA1
  
  24f754e259be5c3ee82460c6322d8df9dfe1e044
- SHA256
  
  1b59cdb5febc933a3ae26b6361f1d0d3492ce85c1fa9b8343852359439903bce
- SHA512
  
  5e5d8403cf4182a858c4989cc3309aec9b20af02db584b890f8a145b0cc8b18597a00598e092607f16d8eee4ab33cefaf0af534ce9da8bc2245678ed2983d9a3
- SSDEEP
  
  768:jwKT1cZrs2IL/8kGOTCPfKYJpxg+dR6N8kXGMsPBV2OW:cKT1MED8kGECv7TdRq8kXGMggf
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2