687ab63ab9929b3cc39f0c3a1c6ae331aa473fa11319ee760750037bfd56541d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

687ab63ab9929b3cc39f0c3a1c6ae331aa473fa11319ee760750037bfd56541d
Size

497KB
Sample

221106-ganw1aede9
MD5

2c8a12af053d0a3e65a4b00796d211e0
SHA1

f487e31a93c9dc0f5e20b1a367eb05ed16c735f2
SHA256

687ab63ab9929b3cc39f0c3a1c6ae331aa473fa11319ee760750037bfd56541d
SHA512

57bcb415abec112ef6ef9598b7090fb6978df67669fba8af892ce620eda249e4c4488b7cfd5388bd49bea8d731a3be37711bbf3dbb33cf04b6ce748360897747
SSDEEP

12288:19zIsOAaSPH4DmF3Z4mxxhnMNOmSQC+rmoog8VGjmCA:19z0jcYDmQmXh3vV8A

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  687ab63ab9929b3cc39f0c3a1c6ae331aa473fa11319ee760750037bfd56541d
- Size
  
  497KB
- MD5
  
  2c8a12af053d0a3e65a4b00796d211e0
- SHA1
  
  f487e31a93c9dc0f5e20b1a367eb05ed16c735f2
- SHA256
  
  687ab63ab9929b3cc39f0c3a1c6ae331aa473fa11319ee760750037bfd56541d
- SHA512
  
  57bcb415abec112ef6ef9598b7090fb6978df67669fba8af892ce620eda249e4c4488b7cfd5388bd49bea8d731a3be37711bbf3dbb33cf04b6ce748360897747
- SSDEEP
  
  12288:19zIsOAaSPH4DmF3Z4mxxhnMNOmSQC+rmoog8VGjmCA:19z0jcYDmQmXh3vV8A
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2