2ab4618b7929c39a3dd186e05668231b44e6e1e89b77d46ee6a8118b6a61f723 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Trojan-Ransom.Win32.Cidox.aex-2ab4618b7929c39a3dd186e05668231b44e6e1e89b77d46ee6a8118b6a61f723
Size

96KB
Sample

221107-n9bjaahcap
MD5

ca8f2bdbea9a238c9cf2e5b83598b21e
SHA1

f2817fa3716ff6c5dd5ec7d87497f1fa9d58e5cc
SHA256

2ab4618b7929c39a3dd186e05668231b44e6e1e89b77d46ee6a8118b6a61f723
SHA512

159a0e4ff4ba65a2000c83f10ece1ecb36a9c275d85c75ad7c6ef9f8231720b8d9490288664c2dc04a35e453c15bf909950161809a25930d82da5f69132c846d
SSDEEP

1536:F5wyF5v0gQTuY9DhVbfk9HfJ97GPiYl/Dp/kLa+daxo5:DsWUN5k9Hh9705DpMz4xo5

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Trojan-Ransom.Win32.Cidox.aex-2ab4618b7929c39a3dd186e05668231b44e6e1e89b77d46ee6a8118b6a61f723
- Size
  
  96KB
- MD5
  
  ca8f2bdbea9a238c9cf2e5b83598b21e
- SHA1
  
  f2817fa3716ff6c5dd5ec7d87497f1fa9d58e5cc
- SHA256
  
  2ab4618b7929c39a3dd186e05668231b44e6e1e89b77d46ee6a8118b6a61f723
- SHA512
  
  159a0e4ff4ba65a2000c83f10ece1ecb36a9c275d85c75ad7c6ef9f8231720b8d9490288664c2dc04a35e453c15bf909950161809a25930d82da5f69132c846d
- SSDEEP
  
  1536:F5wyF5v0gQTuY9DhVbfk9HfJ97GPiYl/Dp/kLa+daxo5:DsWUN5k9Hh9705DpMz4xo5
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2