ede449ed52251fa6ad79123d8ab1db5523dd38aee5dbd8112666b8fddf038732 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ede449ed52251fa6ad79123d8ab1db5523dd38aee5dbd8112666b8fddf038732
Size

356KB
Sample

221127-nwmpdseb44
MD5

f2ffbba0642d85c403cf7ea6c7b2183e
SHA1

02a2cc5c30549e728fb420bda9b02614311dd4b9
SHA256

ede449ed52251fa6ad79123d8ab1db5523dd38aee5dbd8112666b8fddf038732
SHA512

df41869a8521a58636b10e188d9fc92687b9b04dd8b02a2439100b2f04181536f5ad328a5f11b696a94ccfed1a1ea01af9daa536c5e71d8b76afa7ef1300628b
SSDEEP

6144:jAHTe5h3QD0ky0+HpG7goajawbQmpD3KpHYVYe0p0Z32CjKMH:jAH6TgDmz4c1aw/6hYVYe3ZjjH

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ede449ed52251fa6ad79123d8ab1db5523dd38aee5dbd8112666b8fddf038732
- Size
  
  356KB
- MD5
  
  f2ffbba0642d85c403cf7ea6c7b2183e
- SHA1
  
  02a2cc5c30549e728fb420bda9b02614311dd4b9
- SHA256
  
  ede449ed52251fa6ad79123d8ab1db5523dd38aee5dbd8112666b8fddf038732
- SHA512
  
  df41869a8521a58636b10e188d9fc92687b9b04dd8b02a2439100b2f04181536f5ad328a5f11b696a94ccfed1a1ea01af9daa536c5e71d8b76afa7ef1300628b
- SSDEEP
  
  6144:jAHTe5h3QD0ky0+HpG7goajawbQmpD3KpHYVYe0p0Z32CjKMH:jAH6TgDmz4c1aw/6hYVYe3ZjjH
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2