cf9cd6a6b483d7006af6dc8ac5ae2fbd69a0d70f22fcbc9d8a2e241ba4f26df2 | Triage

Sharing

General

Target

cf9cd6a6b483d7006af6dc8ac5ae2fbd69a0d70f22fcbc9d8a2e241ba4f26df2
Size

5.8MB
Sample

221127-zmmhtace9y
MD5

d8f133f6ac989889d64decd864fe803e
SHA1

79b3068e05a48a197cd4f8a37a9e33ab087e5875
SHA256

cf9cd6a6b483d7006af6dc8ac5ae2fbd69a0d70f22fcbc9d8a2e241ba4f26df2
SHA512

d5b64848d7194154f08f72d96f4d40cc8e193e3804d2ffb2c7ce079a5084c6534f61ca9352392314b34efcf21318e03ed9479f33e88306526347c4703bd6fd1c
SSDEEP

98304:nFastLdG1V67xuqI+cprrXTUJ7S54zlyNnA9GjfunztH9Cq8G197QdJpJMr2Pv:nFaMpyI74l+cpjgJS5a4NnxfuR4qzurF

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  cf9cd6a6b483d7006af6dc8ac5ae2fbd69a0d70f22fcbc9d8a2e241ba4f26df2
- Size
  
  5.8MB
- MD5
  
  d8f133f6ac989889d64decd864fe803e
- SHA1
  
  79b3068e05a48a197cd4f8a37a9e33ab087e5875
- SHA256
  
  cf9cd6a6b483d7006af6dc8ac5ae2fbd69a0d70f22fcbc9d8a2e241ba4f26df2
- SHA512
  
  d5b64848d7194154f08f72d96f4d40cc8e193e3804d2ffb2c7ce079a5084c6534f61ca9352392314b34efcf21318e03ed9479f33e88306526347c4703bd6fd1c
- SSDEEP
  
  98304:nFastLdG1V67xuqI+cprrXTUJ7S54zlyNnA9GjfunztH9Cq8G197QdJpJMr2Pv:nFaMpyI74l+cpjgJS5a4NnxfuR4qzurF
Score

8^/10

discovery persistence
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2