General

  • Target

    41ac726849190bd7aca2e3e016703f73a64c63a0b1d56f2ad195e6f128f07bb1

  • Size

    101KB

  • Sample

    221129-r2dkfscc5t

  • MD5

    21f67f45e12773548588dbfd7428bcd5

  • SHA1

    e37651d708d758d6380cc6a02362dc7cba48bafe

  • SHA256

    41ac726849190bd7aca2e3e016703f73a64c63a0b1d56f2ad195e6f128f07bb1

  • SHA512

    2a9bb08f1ee1129aa8f65f0681d1c775d3f8364dd46f02d15e00fcf2ae82288027b505e1412bb1df4f128232e09aa9d9c781ba5ac1f1b256c4817d3cfb3f6ea5

  • SSDEEP

    1536:xRvvvb3nReSIo0olnzh6WVbrzQ7ITkF/WGA236tOeXcJtXwrbppqdN:930oln4WVbrzQ7ITkFOIm/MJtXwOdN

Score
10/10

Malware Config

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • T1158 Hidden Files and Directories (1)

Defense Evasion

  • T1112 Modify Registry (1)

  • T1158 Hidden Files and Directories (1)

Discovery

  • T1012 Query Registry (2)

  • T1082 System Information Discovery (2)
