c86f10da91d8c7ca51ce19e95437f066dc08ea6ad4bb627293f50e56cf540761 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c86f10da91d8c7ca51ce19e95437f066dc08ea6ad4bb627293f50e56cf540761
Size

5.9MB
Sample

221127-fehp4sag22
MD5

b496f67e5fde2a8ff0161220189429fd
SHA1

fd0ab91263d67c0b575f87a7f831b4979463587c
SHA256

c86f10da91d8c7ca51ce19e95437f066dc08ea6ad4bb627293f50e56cf540761
SHA512

6672453b65b431073a9a3a186d635c52ba256c9765698531a5d48a0c31f9d3cf1f15fcb4a8aa70f8a6eaddf0dcc993ea35f633b41c01285a01e03a329947452b
SSDEEP

98304:YIRfT0z1nTKpRNxtg7uSM2bKQch4dUSwCtlCOH0yEjurRKHW8C4FXSqg6RK9E:YIRfoz1nT2Nxtg7uSM2uZOPlpUbaUHV5

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  c86f10da91d8c7ca51ce19e95437f066dc08ea6ad4bb627293f50e56cf540761
- Size
  
  5.9MB
- MD5
  
  b496f67e5fde2a8ff0161220189429fd
- SHA1
  
  fd0ab91263d67c0b575f87a7f831b4979463587c
- SHA256
  
  c86f10da91d8c7ca51ce19e95437f066dc08ea6ad4bb627293f50e56cf540761
- SHA512
  
  6672453b65b431073a9a3a186d635c52ba256c9765698531a5d48a0c31f9d3cf1f15fcb4a8aa70f8a6eaddf0dcc993ea35f633b41c01285a01e03a329947452b
- SSDEEP
  
  98304:YIRfT0z1nTKpRNxtg7uSM2bKQch4dUSwCtlCOH0yEjurRKHW8C4FXSqg6RK9E:YIRfoz1nT2Nxtg7uSM2uZOPlpUbaUHV5
Score

8^/10

discovery persistence
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence