9c80800b73b79253d33e1b06a43d364316d5776a5208dafa24f4d9bd42554299 | Triage

Sharing

General

Target

9c80800b73b79253d33e1b06a43d364316d5776a5208dafa24f4d9bd42554299
Size

3.3MB
Sample

221124-rwvxjsag22
MD5

7cff141bdd68f4fc0b604980b650c71e
SHA1

4e110caf953bb9a33ca22b0b81de3f578a9ca4fc
SHA256

9c80800b73b79253d33e1b06a43d364316d5776a5208dafa24f4d9bd42554299
SHA512

19610b4a7261062ec64c9b5e95585670cea75e723828e1fe969903c5d9379c81772b29045f1eea14b6dc87746ca5161e762cb69da074f90a2bdcd8a3fcf7d703
SSDEEP

98304:L3YobVRxj94j/JpY6A7PFLiWg5RxjUZz6o:jYeujnY6aIrYZ1

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  9c80800b73b79253d33e1b06a43d364316d5776a5208dafa24f4d9bd42554299
- Size
  
  3.3MB
- MD5
  
  7cff141bdd68f4fc0b604980b650c71e
- SHA1
  
  4e110caf953bb9a33ca22b0b81de3f578a9ca4fc
- SHA256
  
  9c80800b73b79253d33e1b06a43d364316d5776a5208dafa24f4d9bd42554299
- SHA512
  
  19610b4a7261062ec64c9b5e95585670cea75e723828e1fe969903c5d9379c81772b29045f1eea14b6dc87746ca5161e762cb69da074f90a2bdcd8a3fcf7d703
- SSDEEP
  
  98304:L3YobVRxj94j/JpY6A7PFLiWg5RxjUZz6o:jYeujnY6aIrYZ1
Score

8^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2