05ea276c0144c29c5d10d85fe2ccfcbf3aa7840de28197673f6ef6bb21ec6516 | Triage

Sharing

General

Target

05ea276c0144c29c5d10d85fe2ccfcbf3aa7840de28197673f6ef6bb21ec6516
Size

3.3MB
Sample

221124-rxstksea5x
MD5

89c997e8e181f2291ab6490d1320f4be
SHA1

65f3c5c98bd31d5dc2d689632ea02b27e497005b
SHA256

05ea276c0144c29c5d10d85fe2ccfcbf3aa7840de28197673f6ef6bb21ec6516
SHA512

b78033f087c9dd1f06c99123cefbcec80e91bd49b50cea44c8f2b5db273c55ed4307c59cc2ec083f6d5cb1fac52dbb1d17ed078034e2cc7ffc2e1becf79558c3
SSDEEP

98304:W3YobVRxj94j/JpY6A7PFLiWg5RxjUZz5:sYeujnY6aIrYZt

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  05ea276c0144c29c5d10d85fe2ccfcbf3aa7840de28197673f6ef6bb21ec6516
- Size
  
  3.3MB
- MD5
  
  89c997e8e181f2291ab6490d1320f4be
- SHA1
  
  65f3c5c98bd31d5dc2d689632ea02b27e497005b
- SHA256
  
  05ea276c0144c29c5d10d85fe2ccfcbf3aa7840de28197673f6ef6bb21ec6516
- SHA512
  
  b78033f087c9dd1f06c99123cefbcec80e91bd49b50cea44c8f2b5db273c55ed4307c59cc2ec083f6d5cb1fac52dbb1d17ed078034e2cc7ffc2e1becf79558c3
- SSDEEP
  
  98304:W3YobVRxj94j/JpY6A7PFLiWg5RxjUZz5:sYeujnY6aIrYZt
Score

8^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence