e4e3320c95503384079c9349a7e60c31007cb5bfb683a3d8e37064df95e3b72f | Triage

Sharing

General

Target

e4e3320c95503384079c9349a7e60c31007cb5bfb683a3d8e37064df95e3b72f
Size

5.9MB
Sample

221127-zfb4haca71
MD5

f98cc1ed7d0f00c066b656c7983a5dc8
SHA1

a068d5a7d098688db0e5305dcddc1c29eb0d258d
SHA256

e4e3320c95503384079c9349a7e60c31007cb5bfb683a3d8e37064df95e3b72f
SHA512

9c63448161b0c1a49944f14015fc1bccf292799660a58090047546eecc66143605d9eb93fb943496a87259f05f55c800caf6653e54c668ee31f416d62f50658d
SSDEEP

98304:zgXN9HVy6ImMQuX9uNw082xdBW3j6YseoBg+cDiD9e7o5PWx/EtsbVfewPpNw7H8:zgXN9q8+0bBWzVB+Gh7o0x/Ets5Wy/Q8

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  e4e3320c95503384079c9349a7e60c31007cb5bfb683a3d8e37064df95e3b72f
- Size
  
  5.9MB
- MD5
  
  f98cc1ed7d0f00c066b656c7983a5dc8
- SHA1
  
  a068d5a7d098688db0e5305dcddc1c29eb0d258d
- SHA256
  
  e4e3320c95503384079c9349a7e60c31007cb5bfb683a3d8e37064df95e3b72f
- SHA512
  
  9c63448161b0c1a49944f14015fc1bccf292799660a58090047546eecc66143605d9eb93fb943496a87259f05f55c800caf6653e54c668ee31f416d62f50658d
- SSDEEP
  
  98304:zgXN9HVy6ImMQuX9uNw082xdBW3j6YseoBg+cDiD9e7o5PWx/EtsbVfewPpNw7H8:zgXN9q8+0bBWzVB+Gh7o0x/Ets5Wy/Q8
Score

8^/10

discovery persistence
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence