a814425bed4127fc646e9dcb77ebd414d12c7c24a663197e977289d448f2562b | Triage

Sharing

General

Target

a814425bed4127fc646e9dcb77ebd414d12c7c24a663197e977289d448f2562b
Size

460KB
Sample

221107-nctctsfecp
MD5

0fa9e5ff0638b42b2ecb1877e16528db
SHA1

f8ee6db8f9960a40cff6a87974247a9cf720bcdb
SHA256

a814425bed4127fc646e9dcb77ebd414d12c7c24a663197e977289d448f2562b
SHA512

a6722e8915dfab68bfc29e3e68e97e98e4dda243cd3422d2afd3aa6ccc087ae9ae7bcdce1dbc8056b4a17b2eb00c2664a3eedc4ff0909eff34c77af140497000
SSDEEP

12288:ppLCnVtGQ6vRSDB4fkCmHQrBecfKZI3sN:8ofHQaVfKZI8N

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a814425bed4127fc646e9dcb77ebd414d12c7c24a663197e977289d448f2562b
- Size
  
  460KB
- MD5
  
  0fa9e5ff0638b42b2ecb1877e16528db
- SHA1
  
  f8ee6db8f9960a40cff6a87974247a9cf720bcdb
- SHA256
  
  a814425bed4127fc646e9dcb77ebd414d12c7c24a663197e977289d448f2562b
- SHA512
  
  a6722e8915dfab68bfc29e3e68e97e98e4dda243cd3422d2afd3aa6ccc087ae9ae7bcdce1dbc8056b4a17b2eb00c2664a3eedc4ff0909eff34c77af140497000
- SSDEEP
  
  12288:ppLCnVtGQ6vRSDB4fkCmHQrBecfKZI3sN:8ofHQaVfKZI8N
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2