a370dc857e2d64e808c563543928ba89d2ba2af9845064037c42a75db4de0f0a | Triage

Sharing

General

Target

a370dc857e2d64e808c563543928ba89d2ba2af9845064037c42a75db4de0f0a
Size

212KB
Sample

221124-qx6j1agc42
MD5

9c03be3d38bf0879bb384e468439dfa1
SHA1

30c0edccae8255d5ed2254475c2200604f2b9280
SHA256

a370dc857e2d64e808c563543928ba89d2ba2af9845064037c42a75db4de0f0a
SHA512

f02dff8616ec721266b19d87c6fcce05a8c35be7276d7f9d889f7f3e2726b342e022a1ed285129e589f4ad5e161a80db29a6126ba47f548d21da0b89ccaeeddc
SSDEEP

3072:qaYOELNJ9W43lF3rnsliaD9Wa9kFLEShEkITCMij6GTsZzKnFKJSjqu7/blw:BY3LD1VzuIWuZITfGTsZAVD6

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a370dc857e2d64e808c563543928ba89d2ba2af9845064037c42a75db4de0f0a
- Size
  
  212KB
- MD5
  
  9c03be3d38bf0879bb384e468439dfa1
- SHA1
  
  30c0edccae8255d5ed2254475c2200604f2b9280
- SHA256
  
  a370dc857e2d64e808c563543928ba89d2ba2af9845064037c42a75db4de0f0a
- SHA512
  
  f02dff8616ec721266b19d87c6fcce05a8c35be7276d7f9d889f7f3e2726b342e022a1ed285129e589f4ad5e161a80db29a6126ba47f548d21da0b89ccaeeddc
- SSDEEP
  
  3072:qaYOELNJ9W43lF3rnsliaD9Wa9kFLEShEkITCMij6GTsZzKnFKJSjqu7/blw:BY3LD1VzuIWuZITfGTsZAVD6
Score

8^/10

persistence
- Blocklisted process makes network request
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2