5a0ac8396526447a810f54d8db717c6228221f16cef43c2f6f50146d270d556e | Triage

Sharing

General

Target

5a0ac8396526447a810f54d8db717c6228221f16cef43c2f6f50146d270d556e
Size

183KB
Sample

221127-nwrckseb48
MD5

d1d8ac86520cc64370fb930ab8d63f45
SHA1

e9f5e7d2051f701038a0bdab1cf0ded44638f28d
SHA256

5a0ac8396526447a810f54d8db717c6228221f16cef43c2f6f50146d270d556e
SHA512

5f90a14708edb65e80ccd060f85404808befc21b4d39255e2bd48f4d3ebf897a8cd90db494745d7622ba7d1fd1e0dee5c33ab26d08befe58b752ba81d921aae8
SSDEEP

3072:FvWotnOkwYaH3p4njdwIhYPyVu//GJzpF1D5un:NWolO7Rp4jxVhzun

Score

8^/10

persistence upx

Malware Config

Targets

- Target
  
  5a0ac8396526447a810f54d8db717c6228221f16cef43c2f6f50146d270d556e
- Size
  
  183KB
- MD5
  
  d1d8ac86520cc64370fb930ab8d63f45
- SHA1
  
  e9f5e7d2051f701038a0bdab1cf0ded44638f28d
- SHA256
  
  5a0ac8396526447a810f54d8db717c6228221f16cef43c2f6f50146d270d556e
- SHA512
  
  5f90a14708edb65e80ccd060f85404808befc21b4d39255e2bd48f4d3ebf897a8cd90db494745d7622ba7d1fd1e0dee5c33ab26d08befe58b752ba81d921aae8
- SSDEEP
  
  3072:FvWotnOkwYaH3p4njdwIhYPyVu//GJzpF1D5un:NWolO7Rp4jxVhzun
Score

8^/10

persistence upx
- Sets DLL path for service in the registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2