2dca5d3b333cae8cffe2d0f12a88e0c75957d37115badc0bdee423d191ac521c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dca5d3b333cae8cffe2d0f12a88e0c75957d37115badc0bdee423d191ac521c
Size

220KB
Sample

221106-lbzgcafhbn
MD5

3721cd50de4e920456e31bc2a2d232f0
SHA1

57e9861136c0eca5b5a6f370e81b41db4b6519c4
SHA256

2dca5d3b333cae8cffe2d0f12a88e0c75957d37115badc0bdee423d191ac521c
SHA512

f5b947ae8e2af955cc4ea872959f96fbf2bfb56ae46018c4f5197652cd649dfc8951529939653ced3209d08588194be1a0e6a51d9592ae6bf5ed3a6904807ba2
SSDEEP

6144:9sehzRFHS2QUdxOJQbv/DhwEL6iBgYbaX/:9rDBdM2bv/D+I6iBWv

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  2dca5d3b333cae8cffe2d0f12a88e0c75957d37115badc0bdee423d191ac521c
- Size
  
  220KB
- MD5
  
  3721cd50de4e920456e31bc2a2d232f0
- SHA1
  
  57e9861136c0eca5b5a6f370e81b41db4b6519c4
- SHA256
  
  2dca5d3b333cae8cffe2d0f12a88e0c75957d37115badc0bdee423d191ac521c
- SHA512
  
  f5b947ae8e2af955cc4ea872959f96fbf2bfb56ae46018c4f5197652cd649dfc8951529939653ced3209d08588194be1a0e6a51d9592ae6bf5ed3a6904807ba2
- SSDEEP
  
  6144:9sehzRFHS2QUdxOJQbv/DhwEL6iBgYbaX/:9rDBdM2bv/D+I6iBWv
Score

8^/10

evasion persistence
- Executes dropped EXE
- Stops running service(s)
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistence

behavioral2