9be793f144082b87bc536684828a04ea0f71385d5fd3b2d62f237f934eff6095 | Triage

Sharing

General

Target

9be793f144082b87bc536684828a04ea0f71385d5fd3b2d62f237f934eff6095
Size

3.3MB
Sample

221124-rww5lsea2t
MD5

e8231bacbb28664f17be611e0ed865d4
SHA1

8794e939f3eeaeae58914b65588b6552cd486941
SHA256

9be793f144082b87bc536684828a04ea0f71385d5fd3b2d62f237f934eff6095
SHA512

69465604b9eaaea38e1b960255744fa0c28a5592f38198c68b2d21555f9f33c3459eeeb54451d4606e5455e07e6a9964eeedb18e44f4663f8fe36467a82dbd6d
SSDEEP

98304:N3YobVRxj94j/JpY6A7PFLiWg5RxjUZzu:hYeujnY6aIrYZS

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  9be793f144082b87bc536684828a04ea0f71385d5fd3b2d62f237f934eff6095
- Size
  
  3.3MB
- MD5
  
  e8231bacbb28664f17be611e0ed865d4
- SHA1
  
  8794e939f3eeaeae58914b65588b6552cd486941
- SHA256
  
  9be793f144082b87bc536684828a04ea0f71385d5fd3b2d62f237f934eff6095
- SHA512
  
  69465604b9eaaea38e1b960255744fa0c28a5592f38198c68b2d21555f9f33c3459eeeb54451d4606e5455e07e6a9964eeedb18e44f4663f8fe36467a82dbd6d
- SSDEEP
  
  98304:N3YobVRxj94j/JpY6A7PFLiWg5RxjUZzu:hYeujnY6aIrYZS
Score

8^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2