General

  • Target

    6186cb1fb5f1b55e499abd80a5a828dfe654d1057631ff4be99efb1d8b2d91bf

  • Size

    106KB

  • Sample

    221202-szvxdsef8v

  • MD5

    de9b478a1d75d8329bbf5d9bbd1f3ed5

  • SHA1

    7767d86f45521b34eb2e2f69525d81efd61f5d26

  • SHA256

    6186cb1fb5f1b55e499abd80a5a828dfe654d1057631ff4be99efb1d8b2d91bf

  • SHA512

    6df36cc1fc523a2ea7e79fe60aa8dbdc0d9496e1ab5c1e474e088018fbfd83e1f8389c200db21661ba308cfdff89e7cb8c7778629f6a28fe0e8f0f47b0723268

  • SSDEEP

    3072:U5l6Nc7yRzs1H75wkZUgsQ6NqTBun5o0CV+dAiQVZUMvHSItcc0lbxOIDrjRoP:El6Nc7yRzs1H75wkZUgsQ6NqTBun5oPO

Score
10/10

Malware Config

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Hidden Files and Directories (T1158): 1

Defense Evasion

  • Modify Registry (T1112): 1

  • Hidden Files and Directories (T1158): 1

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks