c398e2882cad6a2565095eac5d0a5b79e27ed3a9b13a8d6578265774addf24d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c398e2882cad6a2565095eac5d0a5b79e27ed3a9b13a8d6578265774addf24d2
Size

50KB
Sample

221202-w7djvscd23
MD5

380a6b2488ccb27e63f38742411c9ebf
SHA1

1c50d5712d8abad2e6b11c58a23478c808de81ae
SHA256

c398e2882cad6a2565095eac5d0a5b79e27ed3a9b13a8d6578265774addf24d2
SHA512

85aec2cb2afe24a251e63354bbe4d7731f14b8100fca98004d658088379c2e980b0a2a4d59de4c8c23e50b6362ba54bb1a6d34c2af58cba2e9845ecc2056424c
SSDEEP

768:eQJmE666HqpuAu7iJaJzzeWNWm9R7/fW6sQu4n91xJucYXsiDK+yvn4LZ9:eQUE56KpuAB4zeWRn7/fK0xgvsn43

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c398e2882cad6a2565095eac5d0a5b79e27ed3a9b13a8d6578265774addf24d2
- Size
  
  50KB
- MD5
  
  380a6b2488ccb27e63f38742411c9ebf
- SHA1
  
  1c50d5712d8abad2e6b11c58a23478c808de81ae
- SHA256
  
  c398e2882cad6a2565095eac5d0a5b79e27ed3a9b13a8d6578265774addf24d2
- SHA512
  
  85aec2cb2afe24a251e63354bbe4d7731f14b8100fca98004d658088379c2e980b0a2a4d59de4c8c23e50b6362ba54bb1a6d34c2af58cba2e9845ecc2056424c
- SSDEEP
  
  768:eQJmE666HqpuAu7iJaJzzeWNWm9R7/fW6sQu4n91xJucYXsiDK+yvn4LZ9:eQUE56KpuAB4zeWRn7/fK0xgvsn43
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2