6fec57d4fac8e43a359e61ea4293ba973c40c85b6e510df74b4c1e6a51814939 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fec57d4fac8e43a359e61ea4293ba973c40c85b6e510df74b4c1e6a51814939
Size

344KB
Sample

221125-nrqkgsea58
MD5

0220aa8647c8223658561a6cefedb1bd
SHA1

d7a13aed0a94f1c2569746400862eaf3dbf9ff75
SHA256

6fec57d4fac8e43a359e61ea4293ba973c40c85b6e510df74b4c1e6a51814939
SHA512

366b6cb7cde591b7209aa4f676526e914b0896d99b40e69f7f73302198ed5655d87f90e7da838c17db02eaa95888d556e0b770d641da5c1dce69649a6eb003e1
SSDEEP

6144:MRAhhJxX7bNIAROzTuaPUD8XYPK9sQxonoRjfseIpDpFy+ZS+YOrgaS8T+:UsAAPaPUDLPZXwjko+ZC+gV

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6fec57d4fac8e43a359e61ea4293ba973c40c85b6e510df74b4c1e6a51814939
- Size
  
  344KB
- MD5
  
  0220aa8647c8223658561a6cefedb1bd
- SHA1
  
  d7a13aed0a94f1c2569746400862eaf3dbf9ff75
- SHA256
  
  6fec57d4fac8e43a359e61ea4293ba973c40c85b6e510df74b4c1e6a51814939
- SHA512
  
  366b6cb7cde591b7209aa4f676526e914b0896d99b40e69f7f73302198ed5655d87f90e7da838c17db02eaa95888d556e0b770d641da5c1dce69649a6eb003e1
- SSDEEP
  
  6144:MRAhhJxX7bNIAROzTuaPUD8XYPK9sQxonoRjfseIpDpFy+ZS+YOrgaS8T+:UsAAPaPUDLPZXwjko+ZC+gV
Score

10^/10

persistence
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2