644295add0ffd3ec8363b9936bc68bdc737dbba635541ccbdbe688d974fa8d87 | Triage

Sharing

General

Target

644295add0ffd3ec8363b9936bc68bdc737dbba635541ccbdbe688d974fa8d87
Size

40KB
Sample

221123-2h9hwsaa47
MD5

436ebc92b50ff13d2d8bc3cd3fdcb150
SHA1

77040b71d4fc0f1492f35d11e5aa82888c515b23
SHA256

644295add0ffd3ec8363b9936bc68bdc737dbba635541ccbdbe688d974fa8d87
SHA512

619eceea19f65b1539194167ae23a18a3f7c5cf45fbd7356a63030ae7f22f59665b0ba53c954b7220303320e75f519bb10bfadabb5ea2d1b2aac8e5f4316827d
SSDEEP

768:/lKKM7mAevdVnVeY4dq/s/Dvp3N5Ewrj3yZyCfzT45M:/lK3YE/9bEwrq45M

Score

8^/10

discovery exploit persistence

Malware Config

Targets

- Target
  
  644295add0ffd3ec8363b9936bc68bdc737dbba635541ccbdbe688d974fa8d87
- Size
  
  40KB
- MD5
  
  436ebc92b50ff13d2d8bc3cd3fdcb150
- SHA1
  
  77040b71d4fc0f1492f35d11e5aa82888c515b23
- SHA256
  
  644295add0ffd3ec8363b9936bc68bdc737dbba635541ccbdbe688d974fa8d87
- SHA512
  
  619eceea19f65b1539194167ae23a18a3f7c5cf45fbd7356a63030ae7f22f59665b0ba53c954b7220303320e75f519bb10bfadabb5ea2d1b2aac8e5f4316827d
- SSDEEP
  
  768:/lKKM7mAevdVnVeY4dq/s/Dvp3N5Ewrj3yZyCfzT45M:/lK3YE/9bEwrq45M
Score

8^/10

discovery exploit persistence
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexploitpersistence

behavioral2