848018a20cfb5c2e2f496844353143c2ea7df3ed46a731ffb9b444313e41a89d | Triage

Sharing

General

Target

848018a20cfb5c2e2f496844353143c2ea7df3ed46a731ffb9b444313e41a89d
Size

122KB
Sample

221129-thnmesgd6t
MD5

18ffb01905afcf56a083bab77e7d250a
SHA1

553cd62a59d978624350ad41160e332c3577ad94
SHA256

848018a20cfb5c2e2f496844353143c2ea7df3ed46a731ffb9b444313e41a89d
SHA512

721c77d31e9ea7b361906778d015ea9995f520355e4eeed7f448f746e003da0a779538431b73835c315b40c8712e7422d0fe7a038a37f695d27de3edb4052621
SSDEEP

3072:X6LzP3eJOGh6UOWRTwbyUD4sDjUrbbigt/xCro:6Gh6ZWhKymt/4OgJEro

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  848018a20cfb5c2e2f496844353143c2ea7df3ed46a731ffb9b444313e41a89d
- Size
  
  122KB
- MD5
  
  18ffb01905afcf56a083bab77e7d250a
- SHA1
  
  553cd62a59d978624350ad41160e332c3577ad94
- SHA256
  
  848018a20cfb5c2e2f496844353143c2ea7df3ed46a731ffb9b444313e41a89d
- SHA512
  
  721c77d31e9ea7b361906778d015ea9995f520355e4eeed7f448f746e003da0a779538431b73835c315b40c8712e7422d0fe7a038a37f695d27de3edb4052621
- SSDEEP
  
  3072:X6LzP3eJOGh6UOWRTwbyUD4sDjUrbbigt/xCro:6Gh6ZWhKymt/4OgJEro
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2