f3d0285a1e2c8f131cbdf1c1648a12f64f5ff763c9ed5788abd9fedb174e88c1 | Triage

Sharing

General

Target

f3d0285a1e2c8f131cbdf1c1648a12f64f5ff763c9ed5788abd9fedb174e88c1
Size

1.4MB
Sample

221106-fql7nsgaen
MD5

306873e273f3438ba4209c587c584f10
SHA1

32f9869a560f1ac7e52de2233d2360d0af4ad7d3
SHA256

f3d0285a1e2c8f131cbdf1c1648a12f64f5ff763c9ed5788abd9fedb174e88c1
SHA512

db88df468f5ef32678451e58e203040e998a769fc86ca99d83c13f2468ce83de32065742f36877c9d45727b2b539cbb11d2ee1fcb51f12936b0b7ad1071a15c2
SSDEEP

24576:gNmF/mnBoDM5f7F2NQa1iBqeDhUywMexgR2wboeWxjO30C5VL9FvykON7gjr8uUP:gYVZo5Tc/iBhgyrb8xjXq9TO5wk3xHXH

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  f3d0285a1e2c8f131cbdf1c1648a12f64f5ff763c9ed5788abd9fedb174e88c1
- Size
  
  1.4MB
- MD5
  
  306873e273f3438ba4209c587c584f10
- SHA1
  
  32f9869a560f1ac7e52de2233d2360d0af4ad7d3
- SHA256
  
  f3d0285a1e2c8f131cbdf1c1648a12f64f5ff763c9ed5788abd9fedb174e88c1
- SHA512
  
  db88df468f5ef32678451e58e203040e998a769fc86ca99d83c13f2468ce83de32065742f36877c9d45727b2b539cbb11d2ee1fcb51f12936b0b7ad1071a15c2
- SSDEEP
  
  24576:gNmF/mnBoDM5f7F2NQa1iBqeDhUywMexgR2wboeWxjO30C5VL9FvykON7gjr8uUP:gYVZo5Tc/iBhgyrb8xjXq9TO5wk3xHXH
Score

8^/10

discovery exploit
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit