79c7b159ef873196fd54cada5cf812369bee2c6f694d7a474b5cba7969bb4276 | Triage

Sharing

General

Target

79c7b159ef873196fd54cada5cf812369bee2c6f694d7a474b5cba7969bb4276
Size

3.3MB
Sample

221124-rw6ztaea3v
MD5

487615775bd83d2f7eab1def54c4646c
SHA1

ae7c907113c1f1dc7cf92809d3b26e5aff4fe5c5
SHA256

79c7b159ef873196fd54cada5cf812369bee2c6f694d7a474b5cba7969bb4276
SHA512

1dc31770c6142778d2372582e7f3c48e9a165e7488f28ae7b3b69fd3003dd524e1eaadff14fe8fe64effe16ff444a001cc789fc79bc6afdc43ab7ae9f37134a4
SSDEEP

98304:O3YobVRxj94j/JpY6A7PFLiWg5RxjUZzV:UYeujnY6aIrYZh

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  79c7b159ef873196fd54cada5cf812369bee2c6f694d7a474b5cba7969bb4276
- Size
  
  3.3MB
- MD5
  
  487615775bd83d2f7eab1def54c4646c
- SHA1
  
  ae7c907113c1f1dc7cf92809d3b26e5aff4fe5c5
- SHA256
  
  79c7b159ef873196fd54cada5cf812369bee2c6f694d7a474b5cba7969bb4276
- SHA512
  
  1dc31770c6142778d2372582e7f3c48e9a165e7488f28ae7b3b69fd3003dd524e1eaadff14fe8fe64effe16ff444a001cc789fc79bc6afdc43ab7ae9f37134a4
- SSDEEP
  
  98304:O3YobVRxj94j/JpY6A7PFLiWg5RxjUZzV:UYeujnY6aIrYZh
Score

8^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2