98dae5d33c5c679a7a43cfad922a0cb8986ed4551499cd810b74a35756068a83 | Triage

Sharing

General

Target

98dae5d33c5c679a7a43cfad922a0cb8986ed4551499cd810b74a35756068a83
Size

198KB
Sample

221201-zghmnsda2x
MD5

dbf6d37c76471c54d72c32d6aa5e53bc
SHA1

29f86010b5329da4bd91fdeb6bf6180425067030
SHA256

98dae5d33c5c679a7a43cfad922a0cb8986ed4551499cd810b74a35756068a83
SHA512

c5af371f7be116613cf1f29a699e1aaa1b42cee9c6daf7206dd0612505fbac00e3228a493dc210e583dc8e672d2b054b6fb83c0770de24c2a0a8ae786917cea9
SSDEEP

6144:wABMlUdmTKWTE6xkKZ4CDtvhbdApS9TUIItnJIWS6:wDMWTE+HbmpS9ARnJIj6

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  98dae5d33c5c679a7a43cfad922a0cb8986ed4551499cd810b74a35756068a83
- Size
  
  198KB
- MD5
  
  dbf6d37c76471c54d72c32d6aa5e53bc
- SHA1
  
  29f86010b5329da4bd91fdeb6bf6180425067030
- SHA256
  
  98dae5d33c5c679a7a43cfad922a0cb8986ed4551499cd810b74a35756068a83
- SHA512
  
  c5af371f7be116613cf1f29a699e1aaa1b42cee9c6daf7206dd0612505fbac00e3228a493dc210e583dc8e672d2b054b6fb83c0770de24c2a0a8ae786917cea9
- SSDEEP
  
  6144:wABMlUdmTKWTE6xkKZ4CDtvhbdApS9TUIItnJIWS6:wDMWTE+HbmpS9ARnJIj6
Score

10^/10

evasion persistence
- Modifies system executable filetype association
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2