df68c13c15b37f50c6b1f2917aa73384420a84add5c1a4340519e76f207518b5 | Triage

Sharing

General

Target

df68c13c15b37f50c6b1f2917aa73384420a84add5c1a4340519e76f207518b5
Size

197KB
Sample

221201-tldxdsee76
MD5

2544aebdac1cda17cee812a54e3d7b99
SHA1

8c28ea7072a1a6afc9361a9db0e265003b5e75c0
SHA256

df68c13c15b37f50c6b1f2917aa73384420a84add5c1a4340519e76f207518b5
SHA512

c66a5001876129ad9a3bc9ccc80132ad4c24b7e3845369c6dc0efef49bc51f64cef284d7a9fbc83c4705f92d098985e4d8ef61fd1144e1cbb619571d1d334818
SSDEEP

3072:zpPku1kPjrU2OCA1yLUtoiHhP0GdOdMBYQ4Rxi9daAAt6h6qoxFh1M1XWGndlfLn:NJ6v+5BPtdv4RY9APqofvMPndDJ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  df68c13c15b37f50c6b1f2917aa73384420a84add5c1a4340519e76f207518b5
- Size
  
  197KB
- MD5
  
  2544aebdac1cda17cee812a54e3d7b99
- SHA1
  
  8c28ea7072a1a6afc9361a9db0e265003b5e75c0
- SHA256
  
  df68c13c15b37f50c6b1f2917aa73384420a84add5c1a4340519e76f207518b5
- SHA512
  
  c66a5001876129ad9a3bc9ccc80132ad4c24b7e3845369c6dc0efef49bc51f64cef284d7a9fbc83c4705f92d098985e4d8ef61fd1144e1cbb619571d1d334818
- SSDEEP
  
  3072:zpPku1kPjrU2OCA1yLUtoiHhP0GdOdMBYQ4Rxi9daAAt6h6qoxFh1M1XWGndlfLn:NJ6v+5BPtdv4RY9APqofvMPndDJ
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2