36e961ccd8df025a3f1058120d8019e111d536cca44a132b3885ee09a278d200 | Triage

Sharing

General

Target

36e961ccd8df025a3f1058120d8019e111d536cca44a132b3885ee09a278d200
Size

338KB
Sample

221124-d6schseg22
MD5

11f6220758592b076fa8f6c766a7a13d
SHA1

6833f2441d9bd9d29454e77339c9920a5221ea56
SHA256

36e961ccd8df025a3f1058120d8019e111d536cca44a132b3885ee09a278d200
SHA512

3e17bcee0f2cdc41e57d9ea55a83fd7da7f5dd59969fde0c07ce0a0ecbbab6f9f592add6ae88637297ba277223df481fd1cb5174b0b9fec0ebe0969f8e810f32
SSDEEP

6144:MRAhhJxX7bNIAROzTuaPUD8XYPKPf6eVl+rxdOwNjR8w5irZwksa3Q7rI:UsAAPaPUDLPDeVGUOd8w5irXLJ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  36e961ccd8df025a3f1058120d8019e111d536cca44a132b3885ee09a278d200
- Size
  
  338KB
- MD5
  
  11f6220758592b076fa8f6c766a7a13d
- SHA1
  
  6833f2441d9bd9d29454e77339c9920a5221ea56
- SHA256
  
  36e961ccd8df025a3f1058120d8019e111d536cca44a132b3885ee09a278d200
- SHA512
  
  3e17bcee0f2cdc41e57d9ea55a83fd7da7f5dd59969fde0c07ce0a0ecbbab6f9f592add6ae88637297ba277223df481fd1cb5174b0b9fec0ebe0969f8e810f32
- SSDEEP
  
  6144:MRAhhJxX7bNIAROzTuaPUD8XYPKPf6eVl+rxdOwNjR8w5irZwksa3Q7rI:UsAAPaPUDLPDeVGUOd8w5irXLJ
Score

10^/10

persistence
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2