cb61938704eec1d1d2a04b6be291abc7057b445d769504d8bbba42941e518b46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb61938704eec1d1d2a04b6be291abc7057b445d769504d8bbba42941e518b46
Size

3.3MB
Sample

221127-gecpjagf9x
MD5

241f09f913f66264fad438de088cd6a5
SHA1

30babd96f74fa8b9c5b67200b61a402dd5b1accb
SHA256

cb61938704eec1d1d2a04b6be291abc7057b445d769504d8bbba42941e518b46
SHA512

cc2a608343a42fe840ea911dad56bc7553c6aeeeea863e219d108b2b5a3d86f07197464e7caa236181a566a9ddab645d918668e4fce88693334a2ae23ceade95
SSDEEP

49152:UmWaok2ytdU3Ou0wchzpx/XRKYope/rvXyAhoLuYrcVEqCDvtMcSq2zZyIKT0:pW/yvU+ufKpx/XgYlercVEqYMdYFT

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  cb61938704eec1d1d2a04b6be291abc7057b445d769504d8bbba42941e518b46
- Size
  
  3.3MB
- MD5
  
  241f09f913f66264fad438de088cd6a5
- SHA1
  
  30babd96f74fa8b9c5b67200b61a402dd5b1accb
- SHA256
  
  cb61938704eec1d1d2a04b6be291abc7057b445d769504d8bbba42941e518b46
- SHA512
  
  cc2a608343a42fe840ea911dad56bc7553c6aeeeea863e219d108b2b5a3d86f07197464e7caa236181a566a9ddab645d918668e4fce88693334a2ae23ceade95
- SSDEEP
  
  49152:UmWaok2ytdU3Ou0wchzpx/XRKYope/rvXyAhoLuYrcVEqCDvtMcSq2zZyIKT0:pW/yvU+ufKpx/XgYlercVEqYMdYFT
Score

8^/10

discovery persistence
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence