ffc070af48fb1f64e11630d2dfcd55f3afe325feb8dd78c6102a4d390fe3a24d | Triage

Sharing

General

Target

ffc070af48fb1f64e11630d2dfcd55f3afe325feb8dd78c6102a4d390fe3a24d
Size

5.7MB
Sample

221123-njfqbaca9v
MD5

3322907ae113079bd33355e4e9f63d22
SHA1

02134100cb5e2be44fab2f227fa3588d5e87ba34
SHA256

ffc070af48fb1f64e11630d2dfcd55f3afe325feb8dd78c6102a4d390fe3a24d
SHA512

a32fde7f82ab442405b69186c8ebd538d494b013aab3b70abc3df1f63eb5fd510a27a1bce55eaacdeae7e90b7bfd55b5d405c2d3bd371e30aec4d6b13a801675
SSDEEP

98304:5L+p957/mfkAb0JOyEmi+thHGAa0P9CQOGCfRJ2jlTDZ2l4wdcACdcruV95cz6:N89J/ANzywiJlgQNUJ2BTDYiqcAViVwO

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  ffc070af48fb1f64e11630d2dfcd55f3afe325feb8dd78c6102a4d390fe3a24d
- Size
  
  5.7MB
- MD5
  
  3322907ae113079bd33355e4e9f63d22
- SHA1
  
  02134100cb5e2be44fab2f227fa3588d5e87ba34
- SHA256
  
  ffc070af48fb1f64e11630d2dfcd55f3afe325feb8dd78c6102a4d390fe3a24d
- SHA512
  
  a32fde7f82ab442405b69186c8ebd538d494b013aab3b70abc3df1f63eb5fd510a27a1bce55eaacdeae7e90b7bfd55b5d405c2d3bd371e30aec4d6b13a801675
- SSDEEP
  
  98304:5L+p957/mfkAb0JOyEmi+thHGAa0P9CQOGCfRJ2jlTDZ2l4wdcACdcruV95cz6:N89J/ANzywiJlgQNUJ2BTDYiqcAViVwO
Score

8^/10

discovery persistence
- Executes dropped EXE
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence