42485a54736518a73551520f9c2cbba663040cab5458a01f2151146eb8e7d468 | Triage

Sharing

General

Target

42485a54736518a73551520f9c2cbba663040cab5458a01f2151146eb8e7d468
Size

5.7MB
Sample

221125-qfwy8sad56
MD5

6fc92fd0c948026d90fd56ff56fc99fa
SHA1

bcf4b083fcc3011af696eb24fea547e1f2f96d42
SHA256

42485a54736518a73551520f9c2cbba663040cab5458a01f2151146eb8e7d468
SHA512

e442cfe6a298bff101a97515dfecda1409c2a010e61238fd2ce794c04dcd151222575f64435c47b2ae7917b93ac6d475e505e727f4ce75c6e02d2e784ddacfd9
SSDEEP

98304:sL+wWs7EMO5L6LeyN4mB7ksBDfkPfurxqftiHaSWHD+JiQ0NSHtj5zM:QfE15eiyNqcDAfhVR+JifYtd4

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  42485a54736518a73551520f9c2cbba663040cab5458a01f2151146eb8e7d468
- Size
  
  5.7MB
- MD5
  
  6fc92fd0c948026d90fd56ff56fc99fa
- SHA1
  
  bcf4b083fcc3011af696eb24fea547e1f2f96d42
- SHA256
  
  42485a54736518a73551520f9c2cbba663040cab5458a01f2151146eb8e7d468
- SHA512
  
  e442cfe6a298bff101a97515dfecda1409c2a010e61238fd2ce794c04dcd151222575f64435c47b2ae7917b93ac6d475e505e727f4ce75c6e02d2e784ddacfd9
- SSDEEP
  
  98304:sL+wWs7EMO5L6LeyN4mB7ksBDfkPfurxqftiHaSWHD+JiQ0NSHtj5zM:QfE15eiyNqcDAfhVR+JifYtd4
Score

8^/10

discovery persistence
- Executes dropped EXE
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2