22bc7f5562ad5a74a45097a40c05ed2660cbfbfeb75ae5d625ae3620b0cf173b | Triage

Sharing

General

Target

22bc7f5562ad5a74a45097a40c05ed2660cbfbfeb75ae5d625ae3620b0cf173b
Size

5.2MB
Sample

221124-n7sd1scc63
MD5

5bedc0148191fa682a35bf92b4f7d5c9
SHA1

58fe16e676fdde7e090f5b87ca8d86057b232635
SHA256

22bc7f5562ad5a74a45097a40c05ed2660cbfbfeb75ae5d625ae3620b0cf173b
SHA512

b2c75fb8ab4f66a2147170aa85a2e9948fe3114d584705216ef1fadba2e2b7b08ae9ac5b4e7b2127bc04a5881f6a5d6b07e54060e052ba0e873383211b1a8c42
SSDEEP

98304:RAgTNCoJcEniflG2HU3L4PgYApTr2HGgVTealYPKWa5NYthew0XYwC6D4nx:WgxNJ/8lG20tdgVTnSKnYTew0XYwC6Dg

Score

9^/10

persistence

Malware Config

Targets

- Target
  
  22bc7f5562ad5a74a45097a40c05ed2660cbfbfeb75ae5d625ae3620b0cf173b
- Size
  
  5.2MB
- MD5
  
  5bedc0148191fa682a35bf92b4f7d5c9
- SHA1
  
  58fe16e676fdde7e090f5b87ca8d86057b232635
- SHA256
  
  22bc7f5562ad5a74a45097a40c05ed2660cbfbfeb75ae5d625ae3620b0cf173b
- SHA512
  
  b2c75fb8ab4f66a2147170aa85a2e9948fe3114d584705216ef1fadba2e2b7b08ae9ac5b4e7b2127bc04a5881f6a5d6b07e54060e052ba0e873383211b1a8c42
- SSDEEP
  
  98304:RAgTNCoJcEniflG2HU3L4PgYApTr2HGgVTealYPKWa5NYthew0XYwC6D4nx:WgxNJ/8lG20tdgVTnSKnYTew0XYwC6Dg
Score

9^/10

persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2