a1013e6ea62bde2d0e51f497ea7459897e9992a2774a55c2584cce00c51be0e4 | Triage

Sharing

General

Target

a1013e6ea62bde2d0e51f497ea7459897e9992a2774a55c2584cce00c51be0e4
Size

2.0MB
Sample

221124-erkjssbe4x
MD5

69fe3a255353848d803b0a612bc2e8d1
SHA1

9520607317b1596b342410d24752427853affe1b
SHA256

a1013e6ea62bde2d0e51f497ea7459897e9992a2774a55c2584cce00c51be0e4
SHA512

27bf70357dfa30f90920c3a8c6974d02db0e918e91e6ab2cb23801ce7925ad16270a4dd46ced1da1dd4e30e16744652e096e3c7dd2f25f5e80f5ba144c0e9876
SSDEEP

24576:HVYbWzO3m2Q1mhlH1QnxBOabsM8KGH7Co0OLeGrIocE5lArjPP:WWzOW2Q0hlcO08KGbNLeGMb4un

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  a1013e6ea62bde2d0e51f497ea7459897e9992a2774a55c2584cce00c51be0e4
- Size
  
  2.0MB
- MD5
  
  69fe3a255353848d803b0a612bc2e8d1
- SHA1
  
  9520607317b1596b342410d24752427853affe1b
- SHA256
  
  a1013e6ea62bde2d0e51f497ea7459897e9992a2774a55c2584cce00c51be0e4
- SHA512
  
  27bf70357dfa30f90920c3a8c6974d02db0e918e91e6ab2cb23801ce7925ad16270a4dd46ced1da1dd4e30e16744652e096e3c7dd2f25f5e80f5ba144c0e9876
- SSDEEP
  
  24576:HVYbWzO3m2Q1mhlH1QnxBOabsM8KGH7Co0OLeGrIocE5lArjPP:WWzOW2Q0hlcO08KGbNLeGMb4un
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence