fd4719b6df0776382f0d5b3a0a6a90ff8eb77afc0214a8cba1ae1933c295bc8d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd4719b6df0776382f0d5b3a0a6a90ff8eb77afc0214a8cba1ae1933c295bc8d
Size

62KB
Sample

221201-s9lfpsgg7v
MD5

1ef96379f3c1725d4961b0599d5aa931
SHA1

c04faa68d5d4f0ef8f23dcc1db0a199db738d0f7
SHA256

fd4719b6df0776382f0d5b3a0a6a90ff8eb77afc0214a8cba1ae1933c295bc8d
SHA512

04c7f5e391a74119255a31daa97105199b1260e8262a599cac4538048bcdc06668950c4e0141417cad578fab454934b787e62b3a8b2922c621546c0c95007f63
SSDEEP

1536:eQVfezDhX6HABLMMcJoz7LJLleOOtJ5ZhFn0wcccccccc:vqYAdUJW7L1leOOL5PFn0wcccccccc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fd4719b6df0776382f0d5b3a0a6a90ff8eb77afc0214a8cba1ae1933c295bc8d
- Size
  
  62KB
- MD5
  
  1ef96379f3c1725d4961b0599d5aa931
- SHA1
  
  c04faa68d5d4f0ef8f23dcc1db0a199db738d0f7
- SHA256
  
  fd4719b6df0776382f0d5b3a0a6a90ff8eb77afc0214a8cba1ae1933c295bc8d
- SHA512
  
  04c7f5e391a74119255a31daa97105199b1260e8262a599cac4538048bcdc06668950c4e0141417cad578fab454934b787e62b3a8b2922c621546c0c95007f63
- SSDEEP
  
  1536:eQVfezDhX6HABLMMcJoz7LJLleOOtJ5ZhFn0wcccccccc:vqYAdUJW7L1leOOL5PFn0wcccccccc
Score

8^/10

persistence
- Blocklisted process makes network request
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2