4a89fccf6fee993c4f73495ba3653b228250ffd026360fe8224f232d3c112e5e | Triage

Sharing

General

Target

4a89fccf6fee993c4f73495ba3653b228250ffd026360fe8224f232d3c112e5e
Size

372KB
Sample

221123-rqphkshc52
MD5

fce8fbcd58adfde611742452727f3647
SHA1

b5ca6911517e423a45f23873c40e4919b7db1b2d
SHA256

4a89fccf6fee993c4f73495ba3653b228250ffd026360fe8224f232d3c112e5e
SHA512

0e139a3c5d7e0be698a9055ac5e5a94d01dfbf32c69ae43355fd9ac2cdec4a8c7264d66a24ecf8811ecd243205d2704ed8b5a8805df232e9faedd2442c462594
SSDEEP

6144:RG9WquUIS1xxgOGngOZvhmyqC7WFm5PNHt5xImoXMFMywZ2Klb2PN1gWL:RGOSxgjgcMyqaPNHemoXMFVslb2PYG

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4a89fccf6fee993c4f73495ba3653b228250ffd026360fe8224f232d3c112e5e
- Size
  
  372KB
- MD5
  
  fce8fbcd58adfde611742452727f3647
- SHA1
  
  b5ca6911517e423a45f23873c40e4919b7db1b2d
- SHA256
  
  4a89fccf6fee993c4f73495ba3653b228250ffd026360fe8224f232d3c112e5e
- SHA512
  
  0e139a3c5d7e0be698a9055ac5e5a94d01dfbf32c69ae43355fd9ac2cdec4a8c7264d66a24ecf8811ecd243205d2704ed8b5a8805df232e9faedd2442c462594
- SSDEEP
  
  6144:RG9WquUIS1xxgOGngOZvhmyqC7WFm5PNHt5xImoXMFMywZ2Klb2PN1gWL:RGOSxgjgcMyqaPNHemoXMFVslb2PYG
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2