dafef583bd979ed6e5d6c87d8d658b89afc4cd1e7c31e7fceb2b30718ecab2ed | Triage

Sharing

General

Target

dafef583bd979ed6e5d6c87d8d658b89afc4cd1e7c31e7fceb2b30718ecab2ed
Size

1.0MB
Sample

221123-s7aanagc5x
MD5

aa8c19647088ea4d9117343e4040dfea
SHA1

b9a6104b2df9f6a39380a42af57df82d5ca48699
SHA256

dafef583bd979ed6e5d6c87d8d658b89afc4cd1e7c31e7fceb2b30718ecab2ed
SHA512

10dcbc7227e224841e7fd912475d92e931470364908128d1626943e6fa4c5d036a51733d93117278f63af9224b2126b14e7f20bc87b20a64440df55a62f62767
SSDEEP

24576:NatO8VYzBPNhoyK858oMd9dLVgdXIITAFe9S0wPgY:Na3VYzBPNhoyKFBLV0JAFe9ShPz

Score

8^/10

Malware Config

Targets

- Target
  
  QQƱͼ_.exe
- Size
  
  1.2MB
- MD5
  
  694ca266aaa0bcb3d75348e259346de6
- SHA1
  
  9a8b50699d67f6fe56efad1da7b990c380782a7b
- SHA256
  
  f3317ddd5990fce70e4dd07790711e8daa14e72fbafbea0aa1171f5f330dbeeb
- SHA512
  
  77a9f2ae86d3e4876a3c165d960580863f77b1f324519ae8200e4a9985faec138cafdcae4d30c874b64ec5a63c486cb5dcb93bd942a87886c3230b4e174c1952
- SSDEEP
  
  24576:8mtOGTYtxBLLMBLvVJ3zzs337HOek5ThTYcxkGML5DVEVuPVMDP:8mvTYtxBynMO9Zh9kfFPeb
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2