edd6dc1b1c1035b3e3f6f46e05a0a4fe21520aa063f1cf2b828ce98bbccae9fd | Triage

Sharing

General

Target

edd6dc1b1c1035b3e3f6f46e05a0a4fe21520aa063f1cf2b828ce98bbccae9fd
Size

1.4MB
Sample

221120-f7c1bshe98
MD5

4c3430c3d668441dffadbcc7662a13b0
SHA1

6e5bc7bf045859d125cdadec21c446c08ca3f2ac
SHA256

edd6dc1b1c1035b3e3f6f46e05a0a4fe21520aa063f1cf2b828ce98bbccae9fd
SHA512

12724bd2ded5356f302cd4bc8d407f16d809192a6d8e2ac209134d83e0d4ef9f052ca43a993caef290c216162e033d7c6d3608e2e0f241518114cce20459eae0
SSDEEP

24576:PNmF/mnBoDM5f7F2NQa1iBqeDhUywMexgR2wboeWxjO30C5VL9FvykON7gjr8uU2:PYVZo5Tc/iBhgyrb8xjXq9TO5wk3xHX+

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  edd6dc1b1c1035b3e3f6f46e05a0a4fe21520aa063f1cf2b828ce98bbccae9fd
- Size
  
  1.4MB
- MD5
  
  4c3430c3d668441dffadbcc7662a13b0
- SHA1
  
  6e5bc7bf045859d125cdadec21c446c08ca3f2ac
- SHA256
  
  edd6dc1b1c1035b3e3f6f46e05a0a4fe21520aa063f1cf2b828ce98bbccae9fd
- SHA512
  
  12724bd2ded5356f302cd4bc8d407f16d809192a6d8e2ac209134d83e0d4ef9f052ca43a993caef290c216162e033d7c6d3608e2e0f241518114cce20459eae0
- SSDEEP
  
  24576:PNmF/mnBoDM5f7F2NQa1iBqeDhUywMexgR2wboeWxjO30C5VL9FvykON7gjr8uU2:PYVZo5Tc/iBhgyrb8xjXq9TO5wk3xHX+
Score

8^/10

discovery exploit
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit