cab8ac367017805bb701b547f8672d4447c26a4f8462ff5a1ce18dfc110028c3 | Triage

Sharing

General

Target

cab8ac367017805bb701b547f8672d4447c26a4f8462ff5a1ce18dfc110028c3
Size

382KB
Sample

221123-nvc4kach2s
MD5

661c5b91f9c04b8b7786ba8879f5f022
SHA1

79d9cc8247d68b169a78fe4d1a18c790619f4e46
SHA256

cab8ac367017805bb701b547f8672d4447c26a4f8462ff5a1ce18dfc110028c3
SHA512

ac9d1eb65377d6fd9da780ec6190ae64538bffabeebd72fd620c216b9b39c32222c64505e72ab52ea15e8e9439a5f0bd23c5d6dafece8d0b0fda03bcfd6070bc
SSDEEP

6144:6byYQvVfG6dg882DVaYq4sMPPEUygjzn8eIzgjIE3k57A4FP:6FeNBgpgVaYlsTy8nEkGss4FP

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  cab8ac367017805bb701b547f8672d4447c26a4f8462ff5a1ce18dfc110028c3
- Size
  
  382KB
- MD5
  
  661c5b91f9c04b8b7786ba8879f5f022
- SHA1
  
  79d9cc8247d68b169a78fe4d1a18c790619f4e46
- SHA256
  
  cab8ac367017805bb701b547f8672d4447c26a4f8462ff5a1ce18dfc110028c3
- SHA512
  
  ac9d1eb65377d6fd9da780ec6190ae64538bffabeebd72fd620c216b9b39c32222c64505e72ab52ea15e8e9439a5f0bd23c5d6dafece8d0b0fda03bcfd6070bc
- SSDEEP
  
  6144:6byYQvVfG6dg882DVaYq4sMPPEUygjzn8eIzgjIE3k57A4FP:6FeNBgpgVaYlsTy8nEkGss4FP
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2