6b9ba3998d267ec9ff37f0d4b42080c64b14da2ecbed87be4fba9e15207b5c76 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b9ba3998d267ec9ff37f0d4b42080c64b14da2ecbed87be4fba9e15207b5c76
Size

231KB
Sample

221129-ef8r9acf85
MD5

25361e1188398c1b7d3fea6d4b0eb7d0
SHA1

3336dd7937c7887571f7f53645380f1e3f35924b
SHA256

6b9ba3998d267ec9ff37f0d4b42080c64b14da2ecbed87be4fba9e15207b5c76
SHA512

26f658e70d4b8b8f1b53461922ce6ebe0a3f1c7879400f52fa51dbb1373081c313039917f41f45237b0ad91971e7b7b19a49ae299b20b9b3ec283deffaa5d020
SSDEEP

6144:2/3+cBezHTGvRzbsWpJuIDMzYlmpOkIpkZ1hZl:2/9Ci1bRkSQBl

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6b9ba3998d267ec9ff37f0d4b42080c64b14da2ecbed87be4fba9e15207b5c76
- Size
  
  231KB
- MD5
  
  25361e1188398c1b7d3fea6d4b0eb7d0
- SHA1
  
  3336dd7937c7887571f7f53645380f1e3f35924b
- SHA256
  
  6b9ba3998d267ec9ff37f0d4b42080c64b14da2ecbed87be4fba9e15207b5c76
- SHA512
  
  26f658e70d4b8b8f1b53461922ce6ebe0a3f1c7879400f52fa51dbb1373081c313039917f41f45237b0ad91971e7b7b19a49ae299b20b9b3ec283deffaa5d020
- SSDEEP
  
  6144:2/3+cBezHTGvRzbsWpJuIDMzYlmpOkIpkZ1hZl:2/9Ci1bRkSQBl
Score

8^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2