b6758034c59794650e757b205e389902aefe2a5cd985f67b80b07141c4b4d58f | Triage

Sharing

General

Target

b6758034c59794650e757b205e389902aefe2a5cd985f67b80b07141c4b4d58f
Size

1.5MB
Sample

221125-yc3avaaf83
MD5

6b06e2114591b6427dbabffb178bb5a4
SHA1

fa6c085de8eb8d84592b49c0751be85aaa89126d
SHA256

b6758034c59794650e757b205e389902aefe2a5cd985f67b80b07141c4b4d58f
SHA512

3e16a7a1c9929440579568946d8ab9adb67d290aeb07a825d1d87549778f4db1a3208649ccf8d7c789b96c217abcf1262dfff650127f04fdf4c370f1d49d6b2d
SSDEEP

24576:DmPpVQXE2ebGbQeV2IprcBcWvNfBqJvPOg0pnYrgZowIihSOB5uQgoOtB0O7z1Yo:eQHJQOprci0fBw2xYkZRwOBk3tBEQ

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  b6758034c59794650e757b205e389902aefe2a5cd985f67b80b07141c4b4d58f
- Size
  
  1.5MB
- MD5
  
  6b06e2114591b6427dbabffb178bb5a4
- SHA1
  
  fa6c085de8eb8d84592b49c0751be85aaa89126d
- SHA256
  
  b6758034c59794650e757b205e389902aefe2a5cd985f67b80b07141c4b4d58f
- SHA512
  
  3e16a7a1c9929440579568946d8ab9adb67d290aeb07a825d1d87549778f4db1a3208649ccf8d7c789b96c217abcf1262dfff650127f04fdf4c370f1d49d6b2d
- SSDEEP
  
  24576:DmPpVQXE2ebGbQeV2IprcBcWvNfBqJvPOg0pnYrgZowIihSOB5uQgoOtB0O7z1Yo:eQHJQOprci0fBw2xYkZRwOBk3tBEQ
Score

8^/10

discovery persistence
- Blocklisted process makes network request
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2