ab739fbf6657de1324afb6918a16ee27b764e85bf981848fc16cb50056c6d99a | Triage

Sharing

General

Target

ab739fbf6657de1324afb6918a16ee27b764e85bf981848fc16cb50056c6d99a
Size

13KB
Sample

221124-f9wkfscb47
MD5

7d1ff52aa161eae894274ddeed5d8fe0
SHA1

82e3a6935ffbfefe12caea5443de6b10cd25933f
SHA256

ab739fbf6657de1324afb6918a16ee27b764e85bf981848fc16cb50056c6d99a
SHA512

731cea109cb770933abbacf84d82fe1b346a01a9379848303ff52a1b296f0c898953b7fefacf88d09511a013b86b8c73ad0fe1299549f226b0c5865757cd7497
SSDEEP

384:TzzVqiGagRYwZSFFOECXCghDSHXWmZg1r+9f7qN:TzxqagRYwZSGECXCgMmsgV/N

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ab739fbf6657de1324afb6918a16ee27b764e85bf981848fc16cb50056c6d99a
- Size
  
  13KB
- MD5
  
  7d1ff52aa161eae894274ddeed5d8fe0
- SHA1
  
  82e3a6935ffbfefe12caea5443de6b10cd25933f
- SHA256
  
  ab739fbf6657de1324afb6918a16ee27b764e85bf981848fc16cb50056c6d99a
- SHA512
  
  731cea109cb770933abbacf84d82fe1b346a01a9379848303ff52a1b296f0c898953b7fefacf88d09511a013b86b8c73ad0fe1299549f226b0c5865757cd7497
- SSDEEP
  
  384:TzzVqiGagRYwZSFFOECXCghDSHXWmZg1r+9f7qN:TzxqagRYwZSGECXCgMmsgV/N
Score

8^/10

persistence
- Blocklisted process makes network request
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2