a45f7196b6e0b4a96a50bb6866b7d1becc6109120dee21dc8e6f79f8b21a2667 | Triage

Sharing

General

Target

a45f7196b6e0b4a96a50bb6866b7d1becc6109120dee21dc8e6f79f8b21a2667
Size

592KB
Sample

221125-pt81aaca81
MD5

bda56cf30bea451439455567cc37db53
SHA1

1f822bdf2a03e0795b2fd99ad3c6e91dbc375b05
SHA256

a45f7196b6e0b4a96a50bb6866b7d1becc6109120dee21dc8e6f79f8b21a2667
SHA512

ee0929f726431b9ede7fc1078b9ad57e4a093609aca15d7139ea5a1c63694c68276615561ae845feb83eb31b8d0cdb6c582cdf131009662ff7fad7e968516cb0
SSDEEP

6144:ZbTaWWBAOKaJyzHS9qef9PEr5rAN2Y4p3czFcyD8iG7jopq1B1tRQqpu5+X:ZEKfzS9Hf56CSyDWHGq1Fr

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  a45f7196b6e0b4a96a50bb6866b7d1becc6109120dee21dc8e6f79f8b21a2667
- Size
  
  592KB
- MD5
  
  bda56cf30bea451439455567cc37db53
- SHA1
  
  1f822bdf2a03e0795b2fd99ad3c6e91dbc375b05
- SHA256
  
  a45f7196b6e0b4a96a50bb6866b7d1becc6109120dee21dc8e6f79f8b21a2667
- SHA512
  
  ee0929f726431b9ede7fc1078b9ad57e4a093609aca15d7139ea5a1c63694c68276615561ae845feb83eb31b8d0cdb6c582cdf131009662ff7fad7e968516cb0
- SSDEEP
  
  6144:ZbTaWWBAOKaJyzHS9qef9PEr5rAN2Y4p3czFcyD8iG7jopq1B1tRQqpu5+X:ZEKfzS9Hf56CSyDWHGq1Fr
Score

8^/10

evasion persistence
- Disables RegEdit via registry modification
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence