5e51b1534f2325b5f0e9399e3937f12370459badc72043e732296ee6ae1cb8f6 | Triage

Sharing

General

Target

5e51b1534f2325b5f0e9399e3937f12370459badc72043e732296ee6ae1cb8f6
Size

765KB
Sample

221125-1w1x8shh62
MD5

be739abd233fe2ac590f16f08094c67f
SHA1

7d11c8bec1eff0f99fa3c8433dea7ea0d0fdfba5
SHA256

5e51b1534f2325b5f0e9399e3937f12370459badc72043e732296ee6ae1cb8f6
SHA512

5b69840d75b379baa0830b5ae2fa5b5ab32ee097ffce2af0c2b45b1e8ce7690d35a435e57fd515510323fb24146805eaf1d43dee91b6f928429e7670a88b407e
SSDEEP

12288:xK0Mz/Go8lXvy5g+Tf5dHe9vF2kHhb+FzkEbkbcm9PV/J9w2rG9/YyZNu2pMshR7:xK0uT8M55He9vc8+Fz94nhw2rGLr/MoR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  CF߱ѪBUGѪ+һݵع.exe
- Size
  
  1.6MB
- MD5
  
  aa170b937b6db142ad42b2771ebce387
- SHA1
  
  6fb8945883f2cc86f5d5ef61b6b34cc270f40340
- SHA256
  
  de295c417b505d475280a0247c8786a3b73fff987090de8954f57e454fcfb028
- SHA512
  
  d647e3635725f0f02538df36f2f6c1a50fab9f19fd476968089854c52c99319d8d798c61551ad97d2a5f4b6f56fec581aa3d362f9bb16b86284a44841bf27dbe
- SSDEEP
  
  24576:dNU0Ncda2IQ6KqD9n+9mu0QDcsDsRuYqTXwgKw4v1TuSSx2O8pn8p+:df66zx5QDctuSjGEO8188
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2