445937827151a74794e228e1cc83a61811baf453dde4412e0759da0fd6c8037c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

445937827151a74794e228e1cc83a61811baf453dde4412e0759da0fd6c8037c
Size

658KB
Sample

221127-wyg6paha99
MD5

30162f97a6506ae5c1f150624a63b8c9
SHA1

2f4f60027b18744d331dc6130d588dd1e9049a79
SHA256

445937827151a74794e228e1cc83a61811baf453dde4412e0759da0fd6c8037c
SHA512

fe86b7960cdad1dfaa2775ec62d0fd4b9b142ee588ad8844a18a9a56295fee3da239cf70d9ac02b68f7c07a5ad238d48f8f2a7bc5ed70354310e84b33b5c08df
SSDEEP

12288:UsAqMGHGSX1388BxGVILSY4oSe8lUzaJxmWHM81xp+D/oQ9ComXH4VOh:UsBbWOSY4He8KkmWuDoQEomXHSOh

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  445937827151a74794e228e1cc83a61811baf453dde4412e0759da0fd6c8037c
- Size
  
  658KB
- MD5
  
  30162f97a6506ae5c1f150624a63b8c9
- SHA1
  
  2f4f60027b18744d331dc6130d588dd1e9049a79
- SHA256
  
  445937827151a74794e228e1cc83a61811baf453dde4412e0759da0fd6c8037c
- SHA512
  
  fe86b7960cdad1dfaa2775ec62d0fd4b9b142ee588ad8844a18a9a56295fee3da239cf70d9ac02b68f7c07a5ad238d48f8f2a7bc5ed70354310e84b33b5c08df
- SSDEEP
  
  12288:UsAqMGHGSX1388BxGVILSY4oSe8lUzaJxmWHM81xp+D/oQ9ComXH4VOh:UsBbWOSY4He8KkmWuDoQEomXHSOh
Score

10^/10

persistence
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2