03288b2459ca3be2837594332713d12b83cc79d8afe67055b2a4387b890a699d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03288b2459ca3be2837594332713d12b83cc79d8afe67055b2a4387b890a699d
Size

264KB
Sample

221107-rtvtrsbfc7
MD5

0467add5149584c9ccc426dfa4d7d6b7
SHA1

6ee5a236eadfb5ee145cf3d876ca485eb7d0b0c9
SHA256

03288b2459ca3be2837594332713d12b83cc79d8afe67055b2a4387b890a699d
SHA512

b3d2733f19e4d6d8af009be407f1f94dfb0f1f837e1b541a153bed3901e256b37c63210b02be14fd72651969dfc2c1cb9d03e916f15caed0ac760cb6d8202716
SSDEEP

6144:GCvlnrIXXXIxTMCbe2VbzHIGXU7QNU5Uzf+EN5gne5DOTLIAGYXXXXXXXX57TrH1:G8pq2FDVN2nENGnf1F

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  03288b2459ca3be2837594332713d12b83cc79d8afe67055b2a4387b890a699d
- Size
  
  264KB
- MD5
  
  0467add5149584c9ccc426dfa4d7d6b7
- SHA1
  
  6ee5a236eadfb5ee145cf3d876ca485eb7d0b0c9
- SHA256
  
  03288b2459ca3be2837594332713d12b83cc79d8afe67055b2a4387b890a699d
- SHA512
  
  b3d2733f19e4d6d8af009be407f1f94dfb0f1f837e1b541a153bed3901e256b37c63210b02be14fd72651969dfc2c1cb9d03e916f15caed0ac760cb6d8202716
- SSDEEP
  
  6144:GCvlnrIXXXIxTMCbe2VbzHIGXU7QNU5Uzf+EN5gne5DOTLIAGYXXXXXXXX57TrH1:G8pq2FDVN2nENGnf1F
Score

10^/10

evasion persistence
- Modifies system executable filetype association
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2