f3e2fd6b1a77260b11f9a1e5134073da4c92d2d53820d61198fcacf056271954 | Triage

Sharing

General

Target

f3e2fd6b1a77260b11f9a1e5134073da4c92d2d53820d61198fcacf056271954
Size

68KB
Sample

221123-vsazracg5v
MD5

446a1d33d46dde616e5f3e69aecede06
SHA1

2409dabf0910db6dea2e2f0b2d051146ba3744b8
SHA256

f3e2fd6b1a77260b11f9a1e5134073da4c92d2d53820d61198fcacf056271954
SHA512

ccfeb5be809c65bc444f498414fd34dd07f4cabf8fdb58ac026b70200fda980965c3dad420d9a6d95747dd96bab446ef4edc832003747b1879ce8e097b6f2c2b
SSDEEP

1536:y13PA7YgySG0paBQ+spiuGB4mxLLt6UzMv:j7sSG0paBQtpiuGB4U0

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f3e2fd6b1a77260b11f9a1e5134073da4c92d2d53820d61198fcacf056271954
- Size
  
  68KB
- MD5
  
  446a1d33d46dde616e5f3e69aecede06
- SHA1
  
  2409dabf0910db6dea2e2f0b2d051146ba3744b8
- SHA256
  
  f3e2fd6b1a77260b11f9a1e5134073da4c92d2d53820d61198fcacf056271954
- SHA512
  
  ccfeb5be809c65bc444f498414fd34dd07f4cabf8fdb58ac026b70200fda980965c3dad420d9a6d95747dd96bab446ef4edc832003747b1879ce8e097b6f2c2b
- SSDEEP
  
  1536:y13PA7YgySG0paBQ+spiuGB4mxLLt6UzMv:j7sSG0paBQtpiuGB4U0
Score

8^/10

persistence
- Drops file in Drivers directory
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2