263e0a3f73e50aaa30bb64f6db4dbe0c5ad0c8e2d5d963e24ca1f3b71ba02694 | Triage

Sharing

General

Target

263e0a3f73e50aaa30bb64f6db4dbe0c5ad0c8e2d5d963e24ca1f3b71ba02694
Size

143KB
Sample

221123-r4wttadc91
MD5

be5c091a4e363a7d15db9d1fc724f452
SHA1

d31b47a08cbcae788b067fb74c542c946c09d969
SHA256

263e0a3f73e50aaa30bb64f6db4dbe0c5ad0c8e2d5d963e24ca1f3b71ba02694
SHA512

288423fd52647afeaef15386448f4abfe939d76eb6db78d104939cd59265953ad0d134469717841245fec1560665c9598536c66027ca1ec373965ac6da778b0a
SSDEEP

3072:ryrkifLHxHZHjHFH7HnH3H7HjH12WkhHpHHHjHvH/HdHTHZHfHvHJH3HvHZicwev:rNRy6LG3

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  263e0a3f73e50aaa30bb64f6db4dbe0c5ad0c8e2d5d963e24ca1f3b71ba02694
- Size
  
  143KB
- MD5
  
  be5c091a4e363a7d15db9d1fc724f452
- SHA1
  
  d31b47a08cbcae788b067fb74c542c946c09d969
- SHA256
  
  263e0a3f73e50aaa30bb64f6db4dbe0c5ad0c8e2d5d963e24ca1f3b71ba02694
- SHA512
  
  288423fd52647afeaef15386448f4abfe939d76eb6db78d104939cd59265953ad0d134469717841245fec1560665c9598536c66027ca1ec373965ac6da778b0a
- SSDEEP
  
  3072:ryrkifLHxHZHjHFH7HnH3H7HjH12WkhHpHHHjHvH/HdHTHZHfHvHJH3HvHZicwev:rNRy6LG3
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence