df22e96bb7574da5c88a4bac2dbdca67542f8fb4ad944266d1ddff2d141af192 | Triage

Sharing

General

Target

df22e96bb7574da5c88a4bac2dbdca67542f8fb4ad944266d1ddff2d141af192
Size

1.4MB
Sample

221107-g9d6vaccf9
MD5

092c196c5dfdb37ab08099628a84c1f0
SHA1

86bec33d43b4bb96f94e8574ae17059660648257
SHA256

df22e96bb7574da5c88a4bac2dbdca67542f8fb4ad944266d1ddff2d141af192
SHA512

5290ad82eb4e7bf19de935dc6b55282b68f753cd43c5a8983182b4ab1dde4dced688cf7ca43437dd5b3bf5d1222d26e57a0540655428a3e19dfbb67b3103de62
SSDEEP

24576:eNmF/mnBoDM5f7F2/3ghdtdCczlEh7ThXBz2wB/MSe2Tp3I1gRUfbVx5rLIhkp8l:eYVZo5Tc/3g1XGh7VRz51ne0p4v7L81f

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  df22e96bb7574da5c88a4bac2dbdca67542f8fb4ad944266d1ddff2d141af192
- Size
  
  1.4MB
- MD5
  
  092c196c5dfdb37ab08099628a84c1f0
- SHA1
  
  86bec33d43b4bb96f94e8574ae17059660648257
- SHA256
  
  df22e96bb7574da5c88a4bac2dbdca67542f8fb4ad944266d1ddff2d141af192
- SHA512
  
  5290ad82eb4e7bf19de935dc6b55282b68f753cd43c5a8983182b4ab1dde4dced688cf7ca43437dd5b3bf5d1222d26e57a0540655428a3e19dfbb67b3103de62
- SSDEEP
  
  24576:eNmF/mnBoDM5f7F2/3ghdtdCczlEh7ThXBz2wB/MSe2Tp3I1gRUfbVx5rLIhkp8l:eYVZo5Tc/3g1XGh7VRz51ne0p4v7L81f
Score

8^/10

discovery exploit
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit