gh0strat | 044be76bba111443d36460472a41b094204489707ffa7b8daf8df0fc6e520d93 | Triage

Sharing

General

Target

044be76bba111443d36460472a41b094204489707ffa7b8daf8df0fc6e520d93
Size

316KB
Sample

221123-1a6xcshh6t
MD5

3929f994006d070cd12e77ee12d14635
SHA1

4713bd12a59d1fb78276999965b4b7406bb0cbca
SHA256

044be76bba111443d36460472a41b094204489707ffa7b8daf8df0fc6e520d93
SHA512

316da0e220bcdf7991b01a8dc648d06c70badc41a650027eda290913541f091264f670ddd9cec9444f9bac2ef31935b6089e0d1a38e92f7d24e562fcb2b03c4a
SSDEEP

6144:BiTMIWB0AL7tLm5Tlp34knw04G7v4G7AWFR:EiB0AdLuZNbweJAu

Score

10^/10

gh0strat persistence

Malware Config

Targets

- Target
  
  044be76bba111443d36460472a41b094204489707ffa7b8daf8df0fc6e520d93
- Size
  
  316KB
- MD5
  
  3929f994006d070cd12e77ee12d14635
- SHA1
  
  4713bd12a59d1fb78276999965b4b7406bb0cbca
- SHA256
  
  044be76bba111443d36460472a41b094204489707ffa7b8daf8df0fc6e520d93
- SHA512
  
  316da0e220bcdf7991b01a8dc648d06c70badc41a650027eda290913541f091264f670ddd9cec9444f9bac2ef31935b6089e0d1a38e92f7d24e562fcb2b03c4a
- SSDEEP
  
  6144:BiTMIWB0AL7tLm5Tlp34knw04G7v4G7AWFR:EiB0AdLuZNbweJAu
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2